
Head Risk Management Jobs in Washington (NOW HIRING)

Global Head of Compliance, Health & Safety and Quality Location : Hybrid (Columbia, MD) or Remote ... Risk Management, Hazard Control & Operational Safety * Govern the US risk-assessment program across ...

Spire is seeking a Global Head of HR Operations to lead the operational infrastructure, systems ... Governance, Compliance & Risk Management * Build and maintain strong operational governance ...

National Security Policy Lead, Cyber

Washington, DC · On-site

$125.70K - $169.90K/yr

... Head of National Security Policy. You will serve as Anthropic's principal cyber policy voice with the federal government and Congress, sector risk management agencies, and allied government ...

Analyst, Corporate Insurance

Centreville, VA · On-site

$19.75 - $27/hr

... the Head of Risk Management Knowledge & experience : • Bachelor's Degree in Risk Management, Finance, or a related field • 3+ years of risk management, underwriting or insurance brokerage ...

Head Risk Management information

Washington salary details: $61.2K, $162.2K, $294.5K

How much do head risk management jobs pay per year?

As of May 31, 2026, the average yearly pay for head risk management in Washington is $162,170.00, according to ZipRecruiter salary data. Most workers in this role earn between $119,500.00 and $189,700.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Head of Risk Management, and why are they important?

To thrive as a Head of Risk Management, you need deep expertise in risk assessment, regulatory compliance, and financial analysis, typically backed by a relevant degree and experience in risk-related roles. Familiarity with risk management frameworks and enterprise risk management (ERM) systems is highly valued, as are certifications like FRM or PRM. Strategic thinking, leadership, and strong communication skills set outstanding risk leaders apart. These capabilities are crucial to effectively identify, mitigate, and communicate risks that could impact organizational objectives.

What are some common challenges faced by a Head of Risk Management, and how can candidates prepare to address them?

A Head of Risk Management often faces challenges such as balancing regulatory compliance with business objectives, managing emerging risks, and fostering a risk-aware culture across departments. Candidates should be prepared to navigate complex regulatory landscapes, communicate effectively with both executive leadership and operational teams, and implement proactive risk assessment frameworks. Staying updated on industry trends and building strong cross-functional relationships are key to successfully mitigating risks and supporting organizational goals.

What does a Head of Risk Management do?

A Head of Risk Management is responsible for identifying, assessing, and mitigating potential risks that could impact an organization's operations, finances, or reputation. They develop risk management strategies and policies, oversee risk assessments, and ensure compliance with relevant laws and regulations. This role often involves working closely with senior leadership to make informed decisions and implement effective risk controls across the company.

What is the difference between Head Risk Management vs Risk Analyst?

Aspect | Head Risk Management | Risk Analyst
Credentials | Typically requires advanced degrees (e.g., MBA, CFA) and extensive experience | Usually requires a bachelor's degree, often with certifications like FRM or CFA
Work Environment | Strategic leadership, overseeing risk policies across departments | Data analysis, risk assessment, and reporting within teams
Industry Usage | Executive-level role in finance, banking, insurance, and corporate sectors | Operational role in risk assessment teams across similar industries

The Head Risk Management focuses on strategic oversight and policy development at an executive level, while the Risk Analyst handles detailed risk assessments and data analysis. Both roles are essential in risk management but differ in scope, responsibilities, and seniority.

[Infographic: Head Risk Management job openings in Washington as of May 2026. Employment types: 82% Full Time, 18% Part Time. Work location: 60% Physical, 40% Remote. Average salary: $162,170 per year, or $78 per hour.]

Governance Risk Compliance (GRC) Manager

Antithesis Operations LLC

Vienna, VA • On-site

Full-time

Posted 26 days ago


Job description

About Antithesis
We provide a platform that helps engineering teams identify and resolve bugs that traditional testing approaches miss. Antithesis runs your entire system in a deterministic simulation, breaks it in every way imaginable, and hands you a root cause and a perfect reproduction - no flaky tests, no false positives, no "works on my machine". This allows engineering teams to debug faster and ship with greater confidence.
The rise of AI-generated code has made what we do more important than ever. Agents can write code faster than any human - but faster code isn't better code if it's buggy, stuck in review, or issues are slipping through the cracks undetected. The verification bottleneck is real and it's growing. This is exactly the problem Antithesis exists to solve. We've been quietly reinventing how the world thinks about software reliability, and we're just getting started.
We're well-funded, deeply technical, and building a platform that tackles one of the most complex yet important problems in modern software engineering. If that sounds like fun to you, keep reading.
About the Role
We are looking for our first dedicated GRC hire. This is an ownership, hands-on role.
You will build and run our compliance program end-to-end - not as a support function, but as a core part of how we earn and keep customer trust. At a company like ours, where enterprise customers need to trust us with their most sensitive infrastructure, GRC is a sales function as much as it is an operational one.
A note on what we mean by "ownership." This is not a role where you maintain a checklist someone else built. You will own the GRC calendar, the Vanta instance, the policy library, the audit evidence, and the security questionnaire queue. If something in our compliance posture is broken, that's yours to fix. If a deal is stalling because a prospect has a 40-question security questionnaire, you're the one who unblocks it.
This is an individual contributor role. It is not a CISO, not a security engineering role, and not a penetration tester. You will not own security architecture or vulnerability management - but you will need strong enough relationships with the people who do to keep those programs feeding your compliance work on time.
This role will initially report to the VP, Strategic Initiatives within the Operations team, with a strong dotted line to the Head of Infrastructure. Within the first ~3-6 months, we will collaboratively identify the long-term reporting structure for this role. This role will work closely with Operations, Legal, People (HR), Engineering, and IT.
What You'll Own
SOC 2 & Audit Management
  • Own our SOC 2 audit end-to-end, including the transition from point-in-time to a rolling 12-month window
  • Serve as the primary liaison with our external auditors
  • Maintain the evidence repository and ensure controls are documented, tested, and current
  • Own and maintain Vanta as the system of record for our compliance program

Policy & Controls
  • Maintain and continuously improve our policy library - keeping policies accurate, readable, and actually followed
  • Run the GRC calendar: tabletop exercises, security committee meeting preparation, security awareness training, and annual reviews
  • Identify control gaps and drive remediation across Engineering, IT, HR, and Operations

Trust Center & Customer-Facing Compliance
  • Own and maintain our trust center
  • Manage the inbound security questionnaire queue for enterprise sales - turn these around quickly and accurately with a sales-forward mindset to accelerate deals
  • Be the go-to resource for enterprise prospects who need to understand our security and compliance posture
  • Support vendor security reviews on both sides: evaluating vendors we onboard and participating in customer-side reviews of us

Risk Management
  • Maintain the risk register and lead regular risk review cadences
  • Identify, document, and escalate risks across people, vendors, and infrastructure

Additional
  • Support penetration testing, vulnerability management, and security architecture - Engineering and Infra lead these, but you keep them on-track and ensure findings are tracked and remediated
  • Lay groundwork for future frameworks as the business requires: e.g., ISO 27001, GDPR, FedRAMP
  • Support Legal and commercial contracting on security-related clauses and DPAs
  • Support HR policy development in partnership with the Head of HR, including security-related employee policies, acceptable use, and onboarding/offboarding procedures
Who You'll Work With
You will interface regularly with Engineering & Infrastructure, Legal, HR, Finance, and Operations. You will represent Antithesis externally in front of enterprise buyers, auditors, and security-conscious prospects.
Requirements
Required
  • 3-5 years of GRC, compliance, or IT audit experience, ideally in a SaaS or highly technical environment
  • Hands-on experience with multiple SOC 2 audits - not advisory, not adjacent, but in the room with the auditors and owning the evidence
  • Ability to go deep on our technical architecture, understand what we do and why - including bespoke features of our environment such as NixOS
  • SRE, security engineering, engineering or equivalent technical background (education and/or experience)
  • Experience with AWS and GCP infrastructure, and Infrastructure as Code (IaC)
  • Strong written communication (including customer-facing communications) and comfortable writing policy, not just reviewing it
  • Ability to learn quickly in a fast-paced, high-growth environment

Nice to Have
  • Relevant certifications: CISA, CISSP, CISM, CCSK, or similar
  • Familiarity with ISO 27001, GDPR, or FedRAMP frameworks
  • Experience supporting Legal on DPAs or commercial security schedules
  • Experience owning or heavily using a GRC tool (Vanta preferred)