IT Risk Management Manager Jobs in California (NOW HIRING)

Sr. Technology Auditor

San Francisco, CA · On-site

$110K - $145K/yr

Who You Are * 3-4 years of experience in IT auditing, risk management, or information security. * Experience with SOX IT controls (ITGCs & ITACs) and a solid understanding of ICFR concepts and ...

Reporting to Director of Infrastructure and Security, this role focuses exclusively on cyber security and IT risk management and serves as a hands-on leader who can operate both strategically and ...


IT Risk Management Manager information

What does an IT risk manager do?

An IT risk manager identifies, assesses, and mitigates information technology risks to protect an organization’s data and systems. They develop security policies, implement controls, and monitor for vulnerabilities using tools like risk assessment frameworks and cybersecurity best practices. Their role often requires certifications such as CISSP or CISM and involves collaborating with IT teams to ensure compliance and reduce potential threats.

What is the highest paying risk management job?

The highest paying risk management roles are often senior positions such as Chief Risk Officer (CRO) or Director of Risk Management, with salaries exceeding $200,000 annually. These roles typically require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills in financial or enterprise risk environments.

What does a risk management manager do?

A risk management manager oversees an organization's efforts to identify, assess, and mitigate potential risks that could impact business operations, financial stability, or reputation. They develop risk management strategies, implement policies, and often use tools like risk assessment software to monitor and control risks. Strong analytical skills, industry knowledge, and relevant certifications such as CRM or FRM are typically required for this role.

How much does a risk manager get paid?

A risk management manager typically earns between $90,000 and $150,000 annually, depending on experience, industry, and location. Senior risk managers or those in specialized sectors can earn higher salaries, often supplemented with bonuses and benefits.

What cities in California are hiring for IT Risk Management Manager jobs?

Cities in California with the most IT Risk Management Manager job openings:

Sr. Technology Auditor

Gap, Inc.

San Francisco, CA • On-site

$110K - $145K/yr

Full-time

Posted 11 days ago


Gap rating

Company rating: 6.8 out of 10

Based on 271 frontline employees who took The Breakroom Quiz

21st of 102 rated fashion retailers


Job description

About the Role
The Internal Audit ("IA") Department is seeking a highly motivated IT Audit Senior to join our Internal Audit team in the retail industry. This role focuses on executing IT operational audits and supporting SOX compliance efforts, including testing IT General Controls (ITGCs) and IT Application Controls (ITACs). The ideal candidate has 3-4 years of experience and a strong understanding of IT risk and control frameworks. This role is based in the San Francisco Office.
What You'll Do
  • Execute end-to-end IT audits, including planning, risk assessment, execution, and reporting, while driving alignment with cross-functional stakeholders.
  • Assess the design and operating effectiveness of IT controls across applications, infrastructure, and data environments, with a focus on key risk areas.
  • Identify systemic control gaps and emerging risks, and provide strategic, risk-based recommendations to strengthen the control environment.
  • Partner with IT, Security, and Compliance leadership to influence control design, risk mitigation strategies, and process improvements.
  • Deliver high-quality audit documentation and insights, and contribute to the evolution of audit methodologies and practices.
  • Lead execution of SOX IT testing, including IT General Controls (ITGCs) and IT Application Controls (ITACs), ensuring alignment with ICFR requirements.
  • Exercise judgment in evaluating control design and operating effectiveness, including assessing automated controls and system-generated reports.
  • Drive SOX activities including walkthroughs, RCM development and refinement, and scoping of in-scope systems and risks.
Who You Are
  • 3-4 years of experience in IT auditing, risk management, or information security.
  • Experience with SOX IT controls (ITGCs & ITACs) and a solid understanding of ICFR concepts and financial reporting risks.
  • Understanding of IT environments, including applications, infrastructure, databases, and cloud platforms (e.g., AWS, Azure).
  • Knowledge of IT risk and control frameworks (e.g., NIST, ISO 27001, COBIT) and core domains such as access management, change management, and IT operations.
  • Strong communication and interpersonal skills, with the ability to partner with stakeholders and influence outcomes.
  • Excellent organizational and project management skills, with the ability to manage multiple priorities and deliver high-quality work.

Nice to Have:
  • Professional certifications such as CISA, CRISC, CISSP, or equivalent.
  • Experience working with external auditors and supporting SOX reliance strategies (e.g., SOC reports, CUECs).
  • Familiarity with audit tools, data analytics, and GRC platforms (e.g., AuditBoard, ServiceNow).
  • Experience in a retail or consumer-facing environment.
