ZipRecruiter

Log In

1

Cybersecurity Risk Management Jobs in Kentucky (NOW HIRING)

Papa John's

Senior Manager GRC

Louisville, KY · On-site

Establishing and operating the enterprise cybersecurity risk management program, including risk identification, prioritization, and tracking * Defining and enforcing risk acceptance, escalation, and ...

Papa John's

Senior Manager GRC

Louisville, KY

Establishing and operating the enterprise cybersecurity risk management program, including risk identification, prioritization, and tracking * Defining and enforcing risk acceptance, escalation, and ...

Deloitte

Cyber Manager - ServiceNow

Louisville, KY · On-site

$106K - $143K/yr

... Risk Management workstreams in partnership with architects and product owners • Managing ... Required : • Bachelor's degree in Computer Science, Cyber Security, Information Security ...

University of Kentucky

Cybersecurity Analyst

Lexington, KY · Hybrid

$52K - $85K/yr

This position combines security operations, risk management, and technology systems, ensuring that ... Experience in cybersecurity, information security, or IT systems support * Knowledge of security ...

Compunnel

Business System Analyst

Covington, KY · On-site

... of cybersecurity risk management and access control frameworks. • Experience mentoring business analysts and contributing to team development. • Familiarity with enterprise-scale IAM ...

Varsity Tutors

Cyber Security Tutor

Lexington, KY · Remote

$40/hr

Emphasizes a systematic approach to security assessment and connects cybersecurity to business risk management, compliance requirements, and ethical computing practices. * Curriculum Awareness ...

Varsity Tutors

Cyber Security Tutor

Louisville, KY · Remote

$40/hr

Emphasizes a systematic approach to security assessment and connects cybersecurity to business risk management, compliance requirements, and ethical computing practices. * Curriculum Awareness ...

Deloitte

Manager - ServiceNow

Louisville, KY · On-site +1

... cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever ... Risk Management workstreams in partnership with architects and product owners * Managing ...

Deloitte

Cyber Data Protection/PKI Manager

Louisville, KY

$106K - $144K/yr

Strong understanding of delivery governance, risk management, dependencies, and quality assurance ... Bachelor's degree in Cybersecurity, Information Security, Engineering, Computer Science ...

next page

Showing results 1-20

All JobsCybersecurity Risk Management JobsCybersecurity Risk Management Jobs in Kentucky

Cybersecurity Risk Management information

See Kentucky salary details

$49.5K

$115.5K

$161.5K

How much do cybersecurity risk management jobs pay per year?

As of Jun 20, 2026, the average yearly pay for cybersecurity risk management in Kentucky is $115,481.00, according to ZipRecruiter salary data. Most workers in this role earn between $96,400.00 and $130,300.00 per year, depending on experience, location, and employer.

What is the role of a risk manager in cybersecurity?

A cybersecurity risk manager identifies, assesses, and prioritizes security risks to an organization’s information systems. They develop strategies to mitigate threats, implement security controls, and ensure compliance with industry standards, often using tools like risk assessment frameworks and security audits. Their role is essential in protecting digital assets and supporting overall cybersecurity posture.

Is security risk management a good career?

Security risk management is a valuable career in cybersecurity, focusing on identifying and mitigating threats to organizational assets. It often requires knowledge of security frameworks, risk assessment tools, and certifications like CISSP or CISM. The field offers strong job growth, competitive salaries, and opportunities across various industries.

What are some common challenges faced by professionals in Cybersecurity Risk Management, and how can they be addressed?

Professionals in Cybersecurity Risk Management often encounter challenges such as keeping up with rapidly evolving cyber threats, balancing security needs with business objectives, and ensuring compliance with industry regulations. Addressing these challenges requires continuous learning, effective communication with stakeholders, and close collaboration with IT, legal, and business teams. Building strong partnerships across departments and investing in ongoing training can help mitigate these obstacles and support proactive risk management.

What is the difference between Cybersecurity Risk Management vs Cybersecurity Analyst?

AspectCybersecurity Risk ManagementCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCompTIA Security+, CEH, CISSP
Work EnvironmentRisk assessment, policy development, strategic planningMonitoring security systems, incident response, vulnerability analysis
Employer & Industry UsageFinancial, healthcare, government, large enterprisesIT departments, cybersecurity firms, corporate security teams

Cybersecurity Risk Management focuses on identifying, assessing, and mitigating security risks at an organizational level, often involving policy creation and strategic planning. In contrast, a Cybersecurity Analyst primarily monitors security systems, responds to incidents, and analyzes vulnerabilities. Both roles require similar certifications but serve different functions within cybersecurity teams.

What are the key skills and qualifications needed to thrive in Cybersecurity Risk Management, and why are they important?

To thrive in Cybersecurity Risk Management, you need a solid understanding of information security principles, risk assessment methodologies, compliance standards, and typically a degree in cybersecurity or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security tools, and professional certifications like CISSP or CRISC is highly valued. Strong analytical thinking, effective communication, and problem-solving skills help professionals translate technical risks for non-technical stakeholders and foster collaboration. These competencies are crucial to proactively identifying threats, managing vulnerabilities, and ensuring organizational resilience in a rapidly evolving digital landscape.

What is cybersecurity risk management?

Cybersecurity risk management is the process of identifying, assessing, and prioritizing risks to an organization's digital assets and information systems. It involves implementing strategies and controls to minimize the impact of potential cyber threats, such as data breaches, malware, and unauthorized access. The goal is to balance security measures with business needs, ensuring sensitive information remains protected while maintaining operational efficiency. Effective risk management is ongoing, adapting to new threats and changes within the organization.

What is risk management in cyber security?

In cybersecurity risk management, professionals identify, assess, and prioritize potential security threats to an organization’s information systems. They implement strategies and controls to mitigate or accept risks, often using frameworks like NIST or ISO 27001, and may hold certifications such as CISSP or CISM to ensure effective risk handling.

Can you make $500,000 a year in cyber security?

Cybersecurity risk management professionals can potentially earn $500,000 or more annually, especially at senior levels, in leadership roles, or with extensive experience and specialized certifications like CISSP or CISM. High salaries are often associated with executive positions, consulting, or working in large organizations with complex security needs.
What are popular job titles related to Cybersecurity Risk Management jobs in Kentucky? For Cybersecurity Risk Management jobs in Kentucky, the most frequently searched job titles are:
What job categories do people searching Cybersecurity Risk Management jobs in Kentucky look for? The top searched job categories for Cybersecurity Risk Management jobs in Kentucky are:
Cybersecurity Risk Management jobs near you
Senior Manager GRC

Senior Manager GRC

Papa John's

Louisville, KY • On-site

Full-time

Posted 16 days ago

Papa John's rating

4.8

Company rating: 4.8 out of 10

Based on 745 frontline employees who took The Breakroom Quiz

20th of 22 rated food delivery companies

Job description

What's Unique About You Is What Makes Us Better! Diversity is our strength and competitive advantage. Bring your flavor to the Papa John's team today!
Position Overview
Papa Johns is seeking a Senior Manager, Governance, Risk & Compliance to establish and operate the cybersecurity governance and risk control plane across the enterprise. This role is responsible for enabling risk-informed decision making, clear accountability, and consistent control governance across business, IT, cloud, and third-party environments. The ideal candidate will bring strong judgment, the ability to operate across organizational boundaries, and experience building and scaling GRC capabilities in complex environments.
Responsibilities
The primary responsibilities of this role include:
  • Establishing and operating the enterprise cybersecurity risk management program, including risk identification, prioritization, and tracking
  • Defining and enforcing risk acceptance, escalation, and accountability frameworks
  • Developing executive and board-level risk reporting aligned to business impact
  • Defining and governing cybersecurity policies, standards, and control frameworks aligned to industry standard frameworks
  • Ensuring consistent control implementation and enforcement across IT, cloud, and business environments
  • Leading exception management processes to ensure risk is explicitly understood and accepted at the right levels
  • Establishing and leading the third-party risk management program, including vendor tiering and assessments
  • Coordinating regulatory and audit engagements (internal and external)
  • Partnering across Security, IT, Legal, Compliance, and Procurement (among others as relevant) to align risk and control expectations
  • Establishing and governing the cybersecurity awareness and training program, ensuring it is aligned to enterprise risk and tailored user roles
  • Overseeing control validation, testing, and assurance activities
  • Ensuring governance of vulnerability management, logging, and detection capabilities
  • Driving continuous improvement through risk insights, incident learnings, and control effectiveness reviews
  • Managing and optimizing budget and resources to support governance, risk, and compliance capabilities

Qualifications
The successful candidate will possess the following:
  • 6-10+ years of experience in cybersecurity risk management
  • Proven leadership experience in building, scaling, and maturing teams and operating models
  • Strong understanding of cybersecurity control frameworks
  • Demonstrated ability to translate technical risk into business impact and action
  • Experience building or maturing GRC programs in complex organizations
  • Strong judgment in prioritization, tradeoff decisions, and stakeholder alignment
  • Experience supporting or leading SOX ITGC and/or application control environments in a complex organization
  • Experience establishing or evolving security awareness and behavior change programs
  • Excellent communication skills and ability to influence across technical and business stakeholders
  • Experience working with third-party risk, audit, and compliance functions

Day in the Life
This role is less about managing a checklist and more about orchestrating how the organization understands and acts on risk.
A typical day may include:
  • Reviewing the enterprise risk register, identifying where risks are aging, stuck, or no longer aligned to business priorities
  • Coaching and developing team members and leaders, ensuring clarity in priorities, accountability, and execution
  • Meeting with Security and IT leaders to challenge and refine risk prioritization, ensuring the highest-impact issues are being addressed first
  • Partnering with a business or product team to translate a technical control gap into business impact, helping them understand tradeoffs and required actions
  • Working through a risk acceptance decision, ensuring the right level of leadership is engaged and the decision is documented and understood
  • Aligning with Procurement and Legal on a high-risk third-party engagement, ensuring appropriate controls and risk mitigation strategies are in place
  • Coordinating with vulnerability management, detection, or testing teams to ensure findings are being tracked, prioritized, and driven to resolution
  • Preparing or refining executive-level reporting, focusing on what has improved, what remains at risk, and where decisions are needed
  • Resolving cross-team friction where ownership, accountability, or priorities are unclear, bringing structure and clarity to move work forward

Work Environment
This is a leadership role operating across a complex, cross-functional environment. Success requires the ability to influence without authority, bring clarity to ambiguity, and align diverse stakeholders toward common risk outcomes.
Our Values
  • EVERYONE BELONGS - We believe connectedness and belonging are the essential ingredients to our success.
  • DO THE RIGHT THING -We are relentlessly focused on quality and integrity and make the right choices, even when it's difficult.
  • PEOPLE FIRST - To craft positive experiences for our customers, we take care of each other first.
  • INNOVATE TO WIN - We champion and challenge for a better way in all we do.
  • HAVE FUN - We find joy, create meaningful impact and celebrate the journey together

Our Core Competencies
  • EVERYONE BELONGS - We believe connectedness and belonging are the essential ingredients to our success.
  • DO THE RIGHT THING -We are relentlessly focused on quality and integrity and make the right choices, even when it's difficult.
  • PEOPLE FIRST - To craft positive experiences for our customers, we take care of each other first.
  • INNOVATE TO WIN - We champion and challenge for a better way in all we do.
  • HAVE FUN - We find joy, create meaningful impact and celebrate the journey together

Papa Johns is an equal opportunity employer.
Papa Johns is a federal contractor that participates in the E-Verify program to confirm employment eligibility for each new team member. We also comply with all Right to Work requirements. Official E-Verify and Right to Work notices are available for applicants to review in both English and Spanish.
Everybody loves pizza, which means they also love the people who are behind the scenes working to deliver it. This is complex and challenging work - but let's face it - it's also pizza! If you want a fulfilling career with a company that's always moving forward, we're the right place.
Papa John's is a Federal Contract employer who participates in E-Verify to confirm employment eligibility for each new team member. For more information please view the following PDFs: E-Verify Poster (English) - Right to Work Poster (English) - E-Verify Poster (Spanish) - Right to Work Poster (Spanish) Papa John's is an Affirmative Action and Equal Opportunity Employer. For more information please click on the following PDF. See terms & conditions for site use.

What Papa John's employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

Apply