1

It Risk Management Jobs (NOW HIRING)

With a broad range of banking, wealth management, and investment solutions, Rockland Trust combines ... The IT Risk Analyst's primary responsibility will be to conduct various risk assessments, including ...

The IT Risk Analyst helps manage the Firm's GRC and IT risk programs, focusing on information security for client data, attorney work, and privileged communications. Reporting to the IT Enterprise ...

Oversee governance and reporting across the IT Service Management (ITSM) ecosystem * Analyze ... Enhance vendor risk processes, including risk tiering, assessments, and monitoring

Reporting to the Global IT SOX Risk Management Leader, you'll drive strategic SOX readiness projects and provide risk advisory expertise across many process areas to ensure compliance with SOX while ...

Reporting to the Global IT SOX Risk Management Leader, you'll drive strategic SOX readiness projects and provide risk advisory expertise across many process areas to ensure compliance with SOX while ...

Support critical third-party vendor risk management activities * Develop, enhance, and maintain ... Previous experience in IT audit, operational risk management, regulatory compliance, or a Big Four ...

next page

Showing results 1-20

IT Risk Management information

See salary details

$51.5K

$111.6K

$170K

How much do it risk management jobs pay per year?

As of Jul 17, 2026, the average yearly pay for it risk management in the United States is $111,556.00, according to ZipRecruiter salary data. Most workers in this role earn between $90,000.00 and $129,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an IT Risk Management professional, and why are they important?

To thrive in IT Risk Management, you need a strong understanding of information security principles, risk assessment methodologies, and regulatory compliance frameworks, typically supported by a degree in information technology, cybersecurity, or a related field. Familiarity with risk management tools (such as RSA Archer or MetricStream), knowledge of ISO 27001, and certifications like CISSP or CISM are highly valued. Strong analytical thinking, attention to detail, and effective communication skills help in identifying threats and conveying risks to stakeholders. These skills and qualities are crucial for protecting organizational assets, ensuring compliance, and enabling informed decision-making regarding technology risks.

What are careers in risk management?

Careers in risk management involve identifying, assessing, and mitigating potential threats to an organization’s assets, operations, or reputation. Professionals in this field often work in finance, insurance, or corporate settings, utilizing skills in analysis, problem-solving, and familiarity with risk assessment tools. Common roles include risk analyst, risk manager, and compliance officer, often requiring certifications like FRM or CRM.

What are some common challenges faced by IT Risk Management professionals, and how can they effectively address them?

IT Risk Management professionals often encounter challenges such as rapidly evolving cyber threats, balancing compliance with operational efficiency, and communicating technical risks to non-technical stakeholders. Staying updated with the latest security trends and regulations is essential for effective risk assessment. Building strong cross-departmental relationships can help ensure that risk mitigation strategies are both practical and well-understood across the organization. Continuous learning and leveraging risk management frameworks, like NIST or ISO 27001, can also provide a solid foundation for addressing these challenges.

What is the difference between It Risk Management vs Cybersecurity Analyst?

AspectIt Risk ManagementCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentFocus on risk assessment, compliance, and mitigation strategies across IT systemsFocus on monitoring, analyzing, and responding to security threats
Employer & Industry UsageUsed in organizations prioritizing risk management and complianceUsed in security operations centers and cybersecurity teams

While both roles involve IT security, It Risk Management emphasizes assessing and mitigating risks across IT systems, whereas Cybersecurity Analysts focus on detecting and responding to security threats. Understanding these differences helps organizations assign the right roles for their security needs.

What is the highest paying risk management job?

The highest paying risk management roles are often executive positions such as Chief Risk Officer (CRO) or Director of Risk Management, with salaries exceeding $150,000 annually and sometimes reaching over $300,000 depending on the industry and company size. These roles require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills.

Is it risk a good career?

IT Risk Management is a viable career that involves identifying, assessing, and mitigating technology-related risks within organizations. It requires knowledge of cybersecurity, compliance standards, and risk assessment tools, often supported by certifications like CISSP or CISM. The field offers steady demand due to increasing cybersecurity threats and regulatory requirements, making it a stable career choice for those with relevant skills and experience.

What is the role of IT risk management?

IT risk management involves identifying, assessing, and mitigating risks related to information technology systems to protect data, assets, and operations. It includes implementing security controls, conducting audits, and ensuring compliance with standards like ISO 27001 or NIST frameworks. Professionals in this field often use risk assessment tools and require knowledge of cybersecurity principles.

What is IT Risk Management?

IT Risk Management is the process of identifying, assessing, and mitigating risks related to information technology systems and data within an organization. This discipline aims to protect information assets from threats such as cyberattacks, data breaches, and system failures by implementing security controls and policies. Effective IT Risk Management helps organizations comply with regulations, minimize financial losses, and ensure business continuity. Professionals in this field continuously monitor and update risk strategies to adapt to evolving technological threats.
More about IT Risk Management jobs
What cities are hiring for It Risk Management jobs? Cities with the most It Risk Management job openings:
What states have the most It Risk Management jobs? States with the most job openings for It Risk Management jobs include:
Infographic showing various It Risk Management job openings in the United States as of July 2026, with employment types broken down into 1% As Needed, 76% Full Time, 19% Part Time, and 4% Contract. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $111,556 per year, or $53.6 per hour.
IT Risk Analyst

IT Risk Analyst

Rockland Trust

Plymouth, MA • On-site

Full-time

Medical, Dental, Life, Retirement, PTO

Re-posted 8 days ago


Job description


Rockland Trust is a full-service commercial bank and financial services company committed to helping our neighbors reach their financial goals. Founded in 1907 and headquartered in Massachusetts, we proudly serve individuals, families, and businesses throughout New England with a strong emphasis on personal relationships, local decision-making, and community impact.
With a broad range of banking, wealth management, and investment solutions, Rockland Trust combines the resources of a growing financial institution with the personalized service of a community bank. Our long-standing philosophy-Where Each Relationship Matters®-guides how we work with our customers, colleagues, and communities every day.
At Rockland Trust, our employees are at the heart of our success. We foster a collaborative, inclusive, and values-driven culture that encourages professional growth, innovation, and work-life balance. We are deeply committed to community involvement, financial education, and creating a workplace where individuals can build meaningful, long-term careers.
We are currently seeking a BO/IT Risk Analyst to enhance our growing IT Risk Management team. As a member of the team, this position will provide practical and technical IT risk assessment expertise.
The IT Risk Analyst's primary responsibility will be to conduct various risk assessments, including control design assessments, and control operating effectiveness testing for core IT processes, and devices, among other things. The details of assessment and testing performed will be recorded in the Bank's systems of record, and results will be communicated to the appropriate stakeholders. The IT Risk Analyst will play a significant role in engaging various IT owners and contacts across business areas while assessing risk. This role will require close collaboration with application and infrastructure teams to define and assess risks, document and evaluate control design, and test control operating effectiveness. Further, the IT Risk Analyst will participate in the design and evaluation of proposed remediation plans for noted issues to support compliance with prescribed requirements.
The IT Risk Analyst will be encouraged to identify opportunities to automate the risk assessment process across the Bank and implement other compliance automation tools. The IT Risk Analyst may work on other regulatory and process risk assessment programs as well. Assessment duties assigned to this role require continuous development of knowledge regarding specific requirements, risks, and controls across a range of technologies, applications, processes, and infrastructure.
Responsibilities:
  • Assist with the development and enhancement of Bank-wide technology risk assessment programs, by way of understanding regulations, rules, and requirements to which the Bank is subject, assessing risk against those standards, assessing control design against specified risks, and executing control operating effectiveness testing to determine overall control effectiveness as it relates to specific risks
  • Conduct application and device risk assessments to gather risk specific information about technology applications and across various infrastructure components (network, storage, voice, etc.) to allow for risk assessment, design assessment, and control operating effectiveness testing
  • Conduct initial interviews/walkthroughs with key stakeholders to establish understanding of controls that exist within the application or process to ensure that relevant controls are accurately documented and inventoried
  • Frequent close collaboration with a wide range of stakeholders, both IT and non-IT, to perform the IT Risk Analyst's duties, including walkthroughs, evidence gathering, and testing
  • Partner with key stakeholders to identify and assess proposed plans to remediate identified issues and/or deficiencies and provide relevant input
  • Participate in communications between IT/IS and the levying entity to serve as point of contact for issues handling (as agreed upon)
  • In conjunction with the rest of the team, inform key stakeholders of assessment results based on the procedures performed, and the impact those results have on the Bank
  • Document work performed, including supporting evidence, and results thereof in the Bank's system of record
  • Participate in the continuous improvement efforts of the IT Risk Assessment Team to enhance the risk assessment process and continue adding value to the overall program
  • Demonstrate a proactive mindset for security education, awareness, and the IT environment

Requirements:
  • Bachelor's degree, preferably in Accounting, Cybersecurity (Information Assurance), Computer Science, Information Technology, or similar
  • 2-4 years of internal or external technology audit or risk assessment experience, including design assessment and control operating effectiveness testing
  • Financial services industry experience, or previous history of successfully navigating a highly regulated and matrixed environment
  • Detail oriented with the ability to examine and evaluate processes, controls, and issues to contribute to the successful and appropriate assessment of risk, while understanding how this applies to the holistic performance of the company
  • Articulate and support responses to audit or other types of findings
  • Ability to both work independently and collaborate effectively within a broader team and organization
  • Excellent verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, key stakeholders, team members, and other groups involved in the technology risk assessment process
  • Basic project and time management skills and ability to meet deadlines
  • Exposure to risk frameworks such as NIST, CIS, COBIT, or ISO preferred
  • CRISC, IT Risk Assessment/ Audit, CISSP, CISA, CISM or other industry-recognized risk and information assurance certifications preferred

Benefits & Culture
Our goal is to offer our colleagues the most generous benefits package possible. We provide a comprehensive suite of benefits designed to support your health, financial security, and overall, well-being. Benefits include: competitive compensation with performance-based incentive awards, health and dental insurance, a 401(k) and DC retirement plan, LTD and life insurance, paid vacation, day care reimbursement, tuition assistance for undergraduate and graduate programs, an award-winning wellness program, and much more!
At Rockland Trust, you'll find a respectful and inclusive environment where everyone has the opportunity to succeed. We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Pay Transparency
Compensation for this role will be based on a variety of factors, including skills, experience, education, and internal equity. The salary range posted reflects the company's good-faith estimate of the range for this position at the time of posting. Actual compensation may vary. In addition to base salary, certain positions may be eligible for additional compensation, including commissions, incentive awards or stipends.
Accessibility & Accommodations
We are committed to providing reasonable accommodations to enable individuals with disabilities to perform the essential functions of their roles.