ZipRecruiter

Log In

1

Cybersecurity Risk Management Jobs in Draper, UT

Conduent, Inc.

Cyber Operations Engineer III

Sandy, UT · On-site +1

$91K - $118K/yr

Manage multi-step breach and investigative analysis of advanced threats * Serve as an escalation ... Enforce a defense-in-depth methodology in support of the overall enterprise cyber security risk ...

next page

Showing results 1-20

All JobsCybersecurity Risk Management JobsCybersecurity Risk Management Jobs in Draper, UT

Cybersecurity Risk Management information

See Draper, UT salary details

$53.3K

$124.3K

$173.9K

How much do cybersecurity risk management jobs pay per year?

As of Jun 29, 2026, the average yearly pay for cybersecurity risk management in Draper, UT is $124,299.00, according to ZipRecruiter salary data. Most workers in this role earn between $103,800.00 and $140,200.00 per year, depending on experience, location, and employer.

What is the role of a risk manager in cybersecurity?

A cybersecurity risk manager identifies, assesses, and prioritizes security risks to an organization’s information systems. They develop strategies to mitigate threats, implement security controls, and ensure compliance with industry standards, often using tools like risk assessment frameworks and security audits. Their role is essential in protecting digital assets and supporting overall cybersecurity posture.

Is security risk management a good career?

Security risk management is a valuable career in cybersecurity, focusing on identifying and mitigating threats to organizational assets. It often requires knowledge of security frameworks, risk assessment tools, and certifications like CISSP or CISM. The field offers strong job growth, competitive salaries, and opportunities across various industries.

What are some common challenges faced by professionals in Cybersecurity Risk Management, and how can they be addressed?

Professionals in Cybersecurity Risk Management often encounter challenges such as keeping up with rapidly evolving cyber threats, balancing security needs with business objectives, and ensuring compliance with industry regulations. Addressing these challenges requires continuous learning, effective communication with stakeholders, and close collaboration with IT, legal, and business teams. Building strong partnerships across departments and investing in ongoing training can help mitigate these obstacles and support proactive risk management.

What is the difference between Cybersecurity Risk Management vs Cybersecurity Analyst?

AspectCybersecurity Risk ManagementCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCompTIA Security+, CEH, CISSP
Work EnvironmentRisk assessment, policy development, strategic planningMonitoring security systems, incident response, vulnerability analysis
Employer & Industry UsageFinancial, healthcare, government, large enterprisesIT departments, cybersecurity firms, corporate security teams

Cybersecurity Risk Management focuses on identifying, assessing, and mitigating security risks at an organizational level, often involving policy creation and strategic planning. In contrast, a Cybersecurity Analyst primarily monitors security systems, responds to incidents, and analyzes vulnerabilities. Both roles require similar certifications but serve different functions within cybersecurity teams.

What are the key skills and qualifications needed to thrive in Cybersecurity Risk Management, and why are they important?

To thrive in Cybersecurity Risk Management, you need a solid understanding of information security principles, risk assessment methodologies, compliance standards, and typically a degree in cybersecurity or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001), security tools, and professional certifications like CISSP or CRISC is highly valued. Strong analytical thinking, effective communication, and problem-solving skills help professionals translate technical risks for non-technical stakeholders and foster collaboration. These competencies are crucial to proactively identifying threats, managing vulnerabilities, and ensuring organizational resilience in a rapidly evolving digital landscape.

What is cybersecurity risk management?

Cybersecurity risk management is the process of identifying, assessing, and prioritizing risks to an organization's digital assets and information systems. It involves implementing strategies and controls to minimize the impact of potential cyber threats, such as data breaches, malware, and unauthorized access. The goal is to balance security measures with business needs, ensuring sensitive information remains protected while maintaining operational efficiency. Effective risk management is ongoing, adapting to new threats and changes within the organization.

What is risk management in cyber security?

In cybersecurity risk management, professionals identify, assess, and prioritize potential security threats to an organization’s information systems. They implement strategies and controls to mitigate or accept risks, often using frameworks like NIST or ISO 27001, and may hold certifications such as CISSP or CISM to ensure effective risk handling.

Can you make $500,000 a year in cyber security?

Cybersecurity risk management professionals can potentially earn $500,000 or more annually, especially at senior levels, in leadership roles, or with extensive experience and specialized certifications like CISSP or CISM. High salaries are often associated with executive positions, consulting, or working in large organizations with complex security needs.
What are popular job titles related to Cybersecurity Risk Management jobs in Draper, UT? For Cybersecurity Risk Management jobs in Draper, UT, the most frequently searched job titles are:
What job categories do people searching Cybersecurity Risk Management jobs in Draper, UT look for? The top searched job categories for Cybersecurity Risk Management jobs in Draper, UT are:
What cities near Draper, UT are hiring for Cybersecurity Risk Management jobs? Cities near Draper, UT with the most Cybersecurity Risk Management job openings:
Cybersecurity Risk Management jobs near you
Infographic showing various Cybersecurity Risk Management job openings in Draper, UT as of June 2026, with employment types broken down into 1% As Needed, 84% Full Time, 8% Part Time, 3% Temporary, 3% Contract, and 1% Nights. Highlights an 85% Physical, 5% Hybrid, and 10% Remote job distribution, with an average salary of $124,299 per year, or $59.8 per hour.
Director IT and Cybersecurity

Director IT and Cybersecurity

BlackRock Neurotech

Salt Lake City, UT • On-site

Full-time

Posted 9 days ago

Job description

Build the systems that expand human capability
At Blackrock Neurotech, we've spent decades making the impossible possible - helping people move, speak, and reconnect with the world when they otherwise could not.
We've seen that restoring function restores more than ability. It restores independence, identity, and agency.
Today, we are building the next generation of human capability: brain-computer interfaces that are designed to be safe, scalable, and trusted in the real world. Our work is not only about reconnecting people to what was lost, but about expanding what is possible - creating a seamless interface between human intent and technology.
This is foundational work in a category-defining field. You will help build the infrastructure for a future where neural interfaces are invisible, reliable, and deeply human-centered.
Working at Blackrock Neurotech means:
  • Owning meaningful, high-impact problems at the frontier of science and engineering
  • Building alongside experienced, thoughtful peers across disciplines
  • Solving technically complex challenges grounded in real human outcomes
  • Contributing to a culture that values rigor, clarity, and long-term thinking over noise
The Role
Blackrock Neurotech is seeking a strategic and hands-on Director of IT & Cybersecurity to lead the evolution of the company's technology infrastructure, cybersecurity posture, enterprise systems, and IT operations as we scale our BCI business. This role owns the company's IT strategy and roadmap while ensuring the reliability, security, compliance, and cost-effectiveness of systems that support our growing team, mission-critical neurotechnology R&D, clinical operations, product development, and sensitive intellectual property.
The Director of IT & Cybersecurity will partner closely with executive leadership to align technology investments with company growth, regulatory requirements, and commercial readiness - including the data privacy, quality system, cybersecurity, and product security obligations inherent in medical device development. The ideal candidate brings both strategic vision and operational depth: able to modernize infrastructure, build cybersecurity governance, protect proprietary neural research data, support product security requirements for regulatory approvals, and prepare the organization for regulatory scrutiny, investor diligence, and hospital/enterprise customer security assessments.
This role directly manages a small existing IT team (1-3 people) and owns relationships with external vendors and managed service providers.
What You'll Do
Lead IT Strategy and Infrastructure
  • Own and execute Blackrock's enterprise IT strategy and technology roadmap
  • Drive IT operational excellence through infrastructure optimization, vendor management, and continuous improvement initiatives.Design and maintain scalable infrastructure supporting a growing organization and distributed workforce
  • Oversee hybrid cloud environments including Azure, Microsoft 365, and enterprise collaboration platforms
  • Ensure high availability, reliability, and performance across enterprise systems and networks
  • Establish and maintain scalable, secure, and cost-effective technology operations that support corporate, R&D, clinical, and manufacturing functions.
  • Drive IT operational excellence through infrastructure optimization, vendor management, and continuous improvement initiatives.
  • Oversee the planning, deployment, and ongoing support of customer installations, ensuring successful implementation, monitoring, performance, security, and operational readiness of deployed systems.

Strengthen Cybersecurity and Risk Governance
  • Develop and implement cybersecurity frameworks, policies, and governance practices - including NIST CSF or ISO 27001 alignment
  • Lead initiatives that improve the company's security posture, risk visibility, and compliance readiness across regulated and commercial environments
  • Oversee identity and access management including SSO, MFA, and role-based access controls
  • Build and maintain a Data Loss Prevention (DLP) program to protect proprietary neural research data, device IP, and clinical trial data
  • Develop and maintain an incident response plan scoped to a regulated medical device environment, including FDA-reportable breach scenarios
  • Partner with Product Development, Quality, and Regulatory teams to establish and maintain product cybersecurity controls, risk management processes, and security documentation required for FDA submissions, customer requirements, and other regulatory approvals.
  • Own vendor risk management including Business Associate Agreements (BAAs) and third-party security assessments
  • Provide strategic input into product requirements, product architecture, and corporate processes to ensure cybersecurity, compliance, and quality considerations are embedded throughout the organization, including adherence to ISO 13485 and related regulatory standards.

Drive Regulatory Compliance and Quality System Support
  • Ensure IT infrastructure, systems, and processes meet requirements under HIPAA, FDA 21 CFR Part 11, FDA QSR/QMSR (21 CFR Part 820), and SOC 2
  • Lead Computer System Validation (CSV) efforts for GxP-relevant systems including quality management, lab, and clinical platforms
  • Support ISO 27001 certification planning and execution as the company scales toward commercial operations
  • Manage GDPR obligations for data protection
  • Support internal audits, regulatory inspections, and investor or customer security assessments
  • Serve as the primary IT and security liaison for FDA, customer, and partner diligence activities
  • Support product cybersecurity activities related to medical device development, including threat modeling, vulnerability management, software security requirements, and documentation necessary for regulatory submissions and audits.

Lead Enterprise Systems and Technology Modernization
  • Evaluate and implement enterprise platforms that improve operational efficiency and regulatory readiness
  • Support integration of ERP, quality management systems (QMS), analytics, and collaboration platforms
  • Drive modernization initiatives across infrastructure, cloud platforms, and security tooling
  • Provide leadership and oversight for the evaluation, development, and implementation of AI-driven solutions across enterprise operations and product offerings, ensuring alignment with business objectives, cybersecurity standards, regulatory requirements, and responsible AI practices.

Build and Lead the IT Team
  • Directly manage and develop a small IT team (1-3 people), with accountability for hiring, performance, and team growth as the company scales
  • Foster a culture of security awareness across the organization through training, policies, and communication
  • Manage external technology vendors including MSPs, ISPs, and cloud providers

Partner with Executive Leadership
  • Collaborate with the executive team to align IT and security investments with company growth, commercial strategy, and regulatory milestones
  • Provide clear, non-technical guidance on cybersecurity posture, compliance status, and technology risk
  • Prepare and present IT and security readiness materials for investor diligence, board reporting, and customer security assessments
  • Manage IT budgeting, forecasting, vendor contracts, and technology investment planning while driving cost optimization initiatives and ensuring efficient allocation of resources across infrastructure, cybersecurity, and enterprise systems.
What You Bring
Minimum Qualifications
  • 15+ years of progressive experience in IT infrastructure, enterprise systems, or cybersecurity leadership
  • Demonstrated experience developing and executing enterprise IT strategy and roadmaps in scaling organizations
  • Strong expertise with Microsoft enterprise environments including Azure, Active Directory, and Microsoft 365
  • Experience managing hybrid cloud infrastructure and multi-location environments
  • Proven experience building or improving cybersecurity governance, risk management, and compliance frameworks
  • Working knowledge of HIPAA security and privacy requirements and their application to IT systems
  • Familiarity with FDA 21 CFR Part 11 and QSR/QMSR requirements as they relate to IT and computer systems
Preferred Qualifications
  • Experience in medical device, healthcare, life sciences, or other FDA-regulated industries
  • Experience with Computer System Validation (CSV) in a GxP environment
  • Familiarity with ISO 27001 implementation or certification
  • Knowledge of GDPR and its application to sensitive personal or health data
  • Experience with ISO 13485 quality management systems as they relate to IT infrastructure
  • Familiarity with IEC 62443 or NIST Cybersecurity Framework in operational or lab technology environments
  • Experience supporting investor security diligence, M&A readiness, or enterprise customer security assessments
  • Experience with ERP systems or quality management system (QMS) platforms
  • Demonstrated experience supporting or operating within an ISO 13485-certified quality management system
  • Experience contributing to AI/ML-enabled products, enterprise AI initiatives, or governance of AI technologies.
  • One or more relevant certifications: CISSP, CISM, CRISC, HCISPP, CIPP/US, CIPP/E, or ISO 27001 Lead Implementer/Auditor
  • Microsoft Azure, security, or infrastructure certifications
  • Experience supporting customer-facing technology deployments, implementations, or enterprise installations.
How We Work
We are a small, experienced team working on consequential problems.
  • We take ownership of outcomes and follow through with clarity and accountability
  • We prioritize sustained, high-quality work over performative urgency
  • We value rigor, sound judgement and thoughtful decision-making
  • We collaborate deliberately: low ego, high trust and high context

This is a high-ownership role, but it is not an "always-on" one. We expect strong work and our people to have a life outside of it.

Apply