1

Intern Technology Risk Management Jobs (NOW HIRING)

IST Risk Manager

Chicago, IL · On-site

$199K/yr

Governance, Risk & Compliance (GRC) - Information Security and Technology Risk Management Framework Ownership * Support the development, enhancement, and ongoing maintenance of the enterprise ...

Senior IT Risk Analyst (First Line of Defense) Rockland Trust is seeking a Senior IT Risk Analyst to advance the Bank's First Line of Defense IT Risk Management Program. This is a hybrid role, 3 days ...

next page

Showing results 1-20

Intern Technology Risk Management information

See salary details

$8

$17

$24

How much do intern technology risk management jobs pay per hour?

As of Jul 9, 2026, the average hourly pay for intern technology risk management in the United States is $17.04, according to ZipRecruiter salary data. Most workers in this role earn between $14.42 and $19.23 per hour, depending on experience, location, and employer.

What does a technology risk intern do?

A technology risk intern supports the identification, assessment, and mitigation of IT and cybersecurity risks within an organization. They assist with risk analysis, audit processes, and compliance efforts, often using tools like risk management software and working under the supervision of experienced professionals. The role provides exposure to risk frameworks and industry standards such as ISO 27001 or NIST.

What are the big 4 internships?

The Big 4 internships typically refer to internship programs at Deloitte, PricewaterhouseCoopers (PwC), Ernst & Young (EY), and KPMG. These firms offer internships in areas such as technology risk management, audit, consulting, and advisory, providing valuable experience and potential pathways to full-time roles in the professional services industry.

What does an Intern in Technology Risk Management do?

An Intern in Technology Risk Management assists teams in identifying, assessing, and mitigating risks related to technology systems and processes within an organization. Their responsibilities often include supporting risk assessments, monitoring compliance with IT policies, helping prepare reports, and participating in audits. This role provides hands-on experience with cybersecurity practices, regulatory requirements, and risk analysis tools, making it an excellent learning opportunity for students and recent graduates interested in IT risk and security.

What types of projects or tasks can an Intern in Technology Risk Management expect to work on?

As an Intern in Technology Risk Management, you can expect to assist with a variety of tasks such as conducting risk assessments, supporting audits of IT systems, and helping to develop or review cybersecurity policies. You may also be involved in monitoring compliance with regulatory standards and collaborating with IT and business teams to identify potential vulnerabilities. This role offers a hands-on introduction to both technical and analytical aspects of managing technology-related risks within an organization.

What are the key skills and qualifications needed to thrive as an Intern in Technology Risk Management, and why are they important?

To thrive as an Intern in Technology Risk Management, you need a foundational understanding of information security, risk assessment, and IT systems, often supported by coursework in computer science or related fields. Familiarity with risk management frameworks (such as ISO 27001), cybersecurity tools, and basic data analysis platforms is highly valued. Strong analytical thinking, attention to detail, and effective communication help interns excel in identifying risks and collaborating with teams. These skills and qualities are critical for ensuring technology risks are properly identified, assessed, and mitigated to protect organizational assets.

How much does a technology risk manager make at Capital One?

A Technology Risk Manager at Capital One typically earns between $90,000 and $130,000 annually, depending on experience and location. The role involves assessing and mitigating technology-related risks, often requiring knowledge of cybersecurity tools and risk management frameworks.

What is the difference between Intern Technology Risk Management vs Intern Cybersecurity?

AspectIntern Technology Risk ManagementIntern Cybersecurity
CertificationsBasic knowledge of risk management frameworksFundamentals of cybersecurity and security protocols
Work EnvironmentRisk assessment, compliance, policy developmentSecurity monitoring, threat analysis, incident response
Industry UsageFinancial, healthcare, technology sectorsIT, finance, government agencies

Intern Technology Risk Management focuses on identifying and mitigating risks related to technology and compliance, while Intern Cybersecurity emphasizes protecting systems from security threats. Both roles often overlap but serve distinct functions within organizations' tech departments.

What does a technology risk manager do?

A technology risk manager identifies, assesses, and mitigates risks related to information technology systems and infrastructure. They develop policies, implement controls, and monitor security measures to protect an organization from cyber threats, data breaches, and operational disruptions. Strong analytical skills and knowledge of cybersecurity tools are essential for this role.
What cities are hiring for Intern Technology Risk Management jobs? Cities with the most Intern Technology Risk Management job openings:
What are the most commonly searched types of Technology Risk Management jobs? The most popular types of Technology Risk Management jobs are:
What states have the most Intern Technology Risk Management jobs? States with the most job openings for Intern Technology Risk Management jobs include:
IST Risk Manager

IST Risk Manager

Old National Bank

Chicago, IL • On-site

$199K/yr

Full-time

Medical, Dental, Vision, Retirement

Posted 13 days ago


Old National Bank rating

8.0

Company rating: 8.0 out of 10

Based on 36 frontline employees who took The Breakroom Quiz

55th of 146 rated banks


Job description

Overview
Old National Bank has been serving clients and communities since 1834. With over $70 billion in total assets, we are a regional powerhouse deeply rooted in the communities we serve. As a trusted partner, we thrive on helping our clients achieve their goals and dreams, and we are committed to social responsibility and investing in our communities through volunteering and charitable giving.
We continually seek highly motivated and talented individuals as our people are critical to our success. In return, we offer competitive compensation with our salary and incentive program, in addition to medical, dental, and vision insurance. 401K, continuing education opportunities and an employee assistance program are also included in our benefit suite. Old National also offers a variety of Impact Network Groups led by team members who are passionate about driving engagement, creating awareness of diverse backgrounds and experiences, and building inclusion across the organization. We offer a unique opportunity to join a growing, community and client-focused company that is firmly rooted in its core values.
Responsibilities
Salary Range
The salary range for this position is $98,400/yr - $199,000/yr plus bonus. The base salary indicated for this position reflects the compensation range applicable to all levels of the role across the United States. Actual salary offers within this range may vary based on a number of factors, including the specific responsibilities of the position, the candidate's relevant skills and professional experience, educational qualifications, and geographic location.
The Information Security & Technology Risk Manager supports and executes second line of defense (2LOD) governance, oversight, and independent challenge across information security and technology risk at Old National Bancorp. Reporting to the Director of Information Security & Technology Risk, this role is responsible for establishing and maintaining the enterprise information security and technology risk framework, including policies, standards, and monitoring practices, to ensure alignment with Board-approved risk appetite and regulatory expectations.
This role supports the execution and continuous enhancement of the Information Security and Technology Risk Management Program, helping to safeguard the confidentiality, integrity, and availability of customer, employee, and business information in accordance with ONB policies and applicable regulatory requirements. The Manager serves as a consultative partner to both the first and second lines of defense, providing risk advisory and interpretation of regulatory expectations to business units and leadership.
Additionally, this role provides independent oversight of first-line technology and information security activities, leveraging strong analytical expertise and sound risk judgment to assess, challenge, and strengthen risk management practices and control effectiveness. Key responsibilities include overseeing governance, risk, and compliance (GRC) activities, leading independent testing and validation, and managing corporate security awareness initiatives.
Key Accountabilities
The Information Security and Technology Risk Manager and the second line team are directly responsible for enterprise oversight of Information Security and Technology Risk Management including but not limited to:
Governance, Risk & Compliance (GRC) - Information Security and Technology Risk Management Framework Ownership
  • Support the development, enhancement, and ongoing maintenance of the enterprise Information Security & Technology Risk Management (ISTRM) framework, including programs, policies, standards, guidelines, and procedures to ensure alignment with regulatory and industry expectations.
  • Contribute to the maintenance of technology and cyber risk taxonomy, risk appetite alignment, and key risk indicators (KRIs), supporting consistent risk measurement, monitoring, and reporting to management and Board committees.
  • Provide independent challenge and advisory support to first line risk offices and technology leadership on risk identification, control effectiveness, and remediation prioritization, while partnering with stakeholders to ensure timely issue identification and resolution.
  • Oversee adherence to information security and technology risk policies, programs, and standards, including monitoring control effectiveness and supporting continuous improvement of governance, risk analysis, and oversight practices.
  • Support the implementation of information security and technology risk governance, monitoring, and risk management activities, including security awareness initiatives, to promote a strong control environment and risk-aware culture.
  • Apply risk management practices to safeguard sensitive data and support compliance with applicable legal, regulatory, and industry requirements across information assets and technology systems.

Risk Identification, Assessment, Monitoring & Reporting (2LOD)
  • Execute and oversee second line monitoring and review activities using a risk-based approach, including validation of control design and operating effectiveness performed by first line teams.
  • Maintain and support governance of risk registers, issue inventories, and exception tracking within the enterprise GRC platform; ensure appropriate documentation, escalation, and reporting cadence.
  • Develop and deliver clear, concise risk reporting for management and risk committees, including trends, material findings, and aging issues/exceptions.

Independent Testing & Validation (Assurance within 2LOD)
  • Establish and execute an annual independent testing and validation plan across information security and technology risk domains, informed by risk assessments, regulatory expectations, and audit/exam feedback.
  • Perform independent validation of remediation for material issues and control deficiencies; confirm evidence sufficiency and recommend formal closure or escalation where gaps remain.
  • Coordinate with Internal Audit (3LOD) and external examiners to align testing scopes, reduce duplication, and ensure timely resolution of findings.

Security Training, Awareness & Culture
  • Manage and enhance enterprise security training and awareness activities, including administration of required training and tracking of completion metrics.
  • Monitor alignment of enterprise training and awareness efforts with regulatory expectations and evolving threat landscape; report on participation and identified gaps.
  • Partner with HR, Compliance, and business units to promote a consistent and risk-aware culture across the organization.

Regulatory, Audit & Committee Engagement
  • Support regulatory examinations and audits related to information security, technology risk, and resilience by providing documentation, evidence, and responses as needed.
  • Contribute to preparation of management and committee reporting materials, including risk posture updates and tracking of action items.
  • Collaborate with Technology, Information Security (1LOD), ERM, Compliance, TPRM, and Legal to support practical and effective governance and risk management practices.

Key Competencies for Position
People Leadership:
  • Coach & Empower Others: Provides timely feedback, support, and guidance to encourage and support associates to accomplish tasks, solve problems, and enhance their professional development.
  • Lead Change: Leads change efforts, engaging team members who are resistant to change to gain their support and commitment, helps associates understand why the change is occurring, continuously sharing information, and assessing the adoption of the change.

Culture Leadership:
  • Culture & Values Leadership: Demonstrates Old National's culture in daily interactions and encourages associates to live by our culture and core values.

Execution Leadership:
  • Drive and Execution: Establishes clear objectives, metrics, and governance cadence; delivers risk oversight commitments with rigor and follow-through.
  • Collaboration: Builds trusted partnerships across Risk, Technology, Security, Compliance, and the business to drive consistent risk outcomes.
  • Risk Leadership / Independent Challenge: Demonstrates credibility and judgment to challenge first line decisions, validate evidence, and escalate material risks appropriately.
  • Communication: Communicates complex risk and control topics clearly to executive management and governance committees; ensures timely escalation and stakeholder alignment.
  • Analytical Problem Solving: Synthesizes qualitative and quantitative risk data to identify themes, prioritize actions, and recommend pragmatic risk responses.

Qualifications and Education Requirements
  • Bachelor degree in Information Technology, Cybersecurity, Risk Management, Audit, or related field (advanced degree preferred).
  • 10+ years relevant experience across information security, technology risk, governance, risk, and compliance (GRC), or related disciplines in a highly regulated industry, with a minimum of 3 years managing teams.
  • 3+ years of management experience.
  • Demonstrated experience aligning security and technology risk governance to recognized frameworks (e.g., NIST, ISO 27001) and banking regulatory expectations.
  • Experience establishing risk monitoring, independent testing/validation, and issue/exception governance processes with strong evidence discipline.
  • Strong communication skills; experience presenting risk posture, trends, and recommendations to management committees.
  • Proven ability to partner effectively across all levels of the organization and develop positive working relationships.
  • Strong presence with internal partners and external constituents, as necessary
  • Thorough understanding of auditing/examination techniques. Knowledge of applicable state and federal banking laws and regulations and of bank services, policies, and procedures.
  • Demonstrates conceptual thinking and analytical skills. Advanced problem-solving skills with the ability to define problems, analyze variables and propose solutions.
  • Strong leadership skills with supervisory experience, strong interpersonal skills and knowledgeable risk management professional.

Preferred certifications:
  • CISSP, CISM, CISA, CRISC, or equivalent.

Old National is proud to be an equal opportunity employer focused on fostering an inclusive workplace and committed to hiring a workforce comprised of diverse backgrounds, cultures and thinking styles.
As such, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, status as a qualified individual with disability, sexual orientation, gender identity or any other characteristic protected by law.
We do not accept resumes from external staffing agencies or independent recruiters for any of our openings unless we have an agreement signed by the Director of Talent Acquisition, SVP, to fill a specific position.
Our culture is firmly rooted in our core values.
We are optimistic. We are collaborative. We are inclusive. We are agile. We are ethical.
We are Old National Bank. Join our team!

What Old National Bank employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom