1

It Risk Management Jobs in Massachusetts (NOW HIRING)

The IT Internal Auditor supports the execution of the Company's Internal Audit plan, with ... governance and risk management practices, and helps enhance the overall control environment.

New

Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Continuity, or a related field (or equivalent experience) * 2-5 years of experience in cybersecurity, business ...

Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Continuity, or a related field (or equivalent experience) * 2-5 years of experience in cybersecurity, business ...

Minimum of 8 years of progressive experience in external audit, internal audit, IT compliance, IT risk management, or SOX advisory, with significant focus on IT General Controls and enterprise ...

$130K - $175K/yr

Minimum of 8 years of progressive experience in external audit, internal audit, IT compliance, IT risk management, or SOX advisory, with significant focus on IT General Controls and enterprise ...

Senior IT Audit Manager

Waltham, MA · On-site

$130K - $175K/yr

Minimum of 8 years of progressive experience in external audit, internal audit, IT compliance, IT risk management, or SOX advisory, with significant focus on IT General Controls and enterprise ...

Role: IT Audit Lead Location: Remote (EST Hours) Term: 5+ Mo. Position Overview The IT Audit Lead ... risk assessments, control design, testing, issue management, and remediation. * Experience ...

New

Senior Principal, Internal Audit, IT

Bedford, MA · On-site

$88K - $110K/yr

Deep knowledge of technology risk management, IT general controls, cybersecurity, cloud ... environments, ERP platforms, data governance, and emerging technology risks. * Experience ...

Required : • 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. • Demonstrated experience conducting structured cybersecurity or ...

Senior Principal, Internal Audit, IT

Bedford, MA · On-site

$88K - $110K/yr

Deep knowledge of technology risk management, IT general controls, cybersecurity, cloud ... environments, ERP platforms, data governance, and emerging technology risks. * Experience ...

next page

Showing results 1-20

It Risk Management information

See Massachusetts salary details

$56.2K

$121.8K

$185.7K

How much do it risk management jobs pay per year?

As of Jul 17, 2026, the average yearly pay for it risk management in Massachusetts is $121,833.00, according to ZipRecruiter salary data. Most workers in this role earn between $98,300.00 and $140,900.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an IT Risk Management professional, and why are they important?

To thrive in IT Risk Management, you need a strong understanding of information security principles, risk assessment methodologies, and regulatory compliance frameworks, typically supported by a degree in information technology, cybersecurity, or a related field. Familiarity with risk management tools (such as RSA Archer or MetricStream), knowledge of ISO 27001, and certifications like CISSP or CISM are highly valued. Strong analytical thinking, attention to detail, and effective communication skills help in identifying threats and conveying risks to stakeholders. These skills and qualities are crucial for protecting organizational assets, ensuring compliance, and enabling informed decision-making regarding technology risks.

What are careers in risk management?

Careers in risk management involve identifying, assessing, and mitigating potential threats to an organization’s assets, operations, or reputation. Professionals in this field often work in finance, insurance, or corporate settings, utilizing skills in analysis, problem-solving, and familiarity with risk assessment tools. Common roles include risk analyst, risk manager, and compliance officer, often requiring certifications like FRM or CRM.

What are some common challenges faced by IT Risk Management professionals, and how can they effectively address them?

IT Risk Management professionals often encounter challenges such as rapidly evolving cyber threats, balancing compliance with operational efficiency, and communicating technical risks to non-technical stakeholders. Staying updated with the latest security trends and regulations is essential for effective risk assessment. Building strong cross-departmental relationships can help ensure that risk mitigation strategies are both practical and well-understood across the organization. Continuous learning and leveraging risk management frameworks, like NIST or ISO 27001, can also provide a solid foundation for addressing these challenges.

What is the difference between It Risk Management vs Cybersecurity Analyst?

AspectIt Risk ManagementCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentFocus on risk assessment, compliance, and mitigation strategies across IT systemsFocus on monitoring, analyzing, and responding to security threats
Employer & Industry UsageUsed in organizations prioritizing risk management and complianceUsed in security operations centers and cybersecurity teams

While both roles involve IT security, It Risk Management emphasizes assessing and mitigating risks across IT systems, whereas Cybersecurity Analysts focus on detecting and responding to security threats. Understanding these differences helps organizations assign the right roles for their security needs.

What is the highest paying risk management job?

The highest paying risk management roles are often executive positions such as Chief Risk Officer (CRO) or Director of Risk Management, with salaries exceeding $150,000 annually and sometimes reaching over $300,000 depending on the industry and company size. These roles require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills.

Is it risk a good career?

IT Risk Management is a viable career that involves identifying, assessing, and mitigating technology-related risks within organizations. It requires knowledge of cybersecurity, compliance standards, and risk assessment tools, often supported by certifications like CISSP or CISM. The field offers steady demand due to increasing cybersecurity threats and regulatory requirements, making it a stable career choice for those with relevant skills and experience.

What is the role of IT risk management?

IT risk management involves identifying, assessing, and mitigating risks related to information technology systems to protect data, assets, and operations. It includes implementing security controls, conducting audits, and ensuring compliance with standards like ISO 27001 or NIST frameworks. Professionals in this field often use risk assessment tools and require knowledge of cybersecurity principles.

What is IT Risk Management?

IT Risk Management is the process of identifying, assessing, and mitigating risks related to information technology systems and data within an organization. This discipline aims to protect information assets from threats such as cyberattacks, data breaches, and system failures by implementing security controls and policies. Effective IT Risk Management helps organizations comply with regulations, minimize financial losses, and ensure business continuity. Professionals in this field continuously monitor and update risk strategies to adapt to evolving technological threats.
What are popular job titles related to It Risk Management jobs in Massachusetts? For It Risk Management jobs in Massachusetts, the most frequently searched job titles are:
What job categories do people searching It Risk Management jobs in Massachusetts look for? The top searched job categories for It Risk Management jobs in Massachusetts are:
Infographic showing various It Risk Management job openings in Massachusetts as of July 2026, with employment types broken down into 1% As Needed, 73% Full Time, 22% Part Time, 1% Temporary, and 3% Contract. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $121,833 per year, or $58.6 per hour.

Manager, IT Enterprise Risk & Audit Strategy

Origin Staffing

Boston, MA • On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 28 days ago


Job description

We are working on a confidential search for a Manager / Lead-level Technology Risk & IT Transformation professional to join the internal risk and controls function of a well-established global technology company. The team is looking for someone polished, hands-on, and confident partnering across IT, Finance, Security, and business leadership. This is a great role for someone who enjoys bringing structure to complex technology initiatives, assessing risk, improving controls, and helping a company modernize its systems environment.

The position offers broad exposure across the business and will be involved in a major ERP transformation, SOX IT controls, cybersecurity process reviews, application access/security, data protection, AI governance, SDLC, vendor/advisory coordination, and broader technology risk projects. It should be a strong fit for someone coming from IT audit, technology risk, cyber GRC, ERP controls, Big 4/advisory, or corporate IT controls who wants to move into a broader, more strategic in-house platform.

Highlights

  • Opportunity to help build and mature the technology risk function at a global public company, rather than simply inherit a fully established program.
  • Major enterprise systems transformation underway, including a move from a legacy Oracle environment to Oracle Fusion.
  • Responsibilities involve ITGCs, SOX controls, ERP implementation controls, application access/security, change management, data migration, testing, documentation, and control design.
  • Exposure to cybersecurity governance, incident response processes, IAM, privileged access, backup/recovery, encryption, DLP, SIEM, endpoint protection, firewall governance, and third-party cyber services.
  • Opportunity to work on newer technology risk areas, including AI governance, Microsoft 365 / cloud controls, Salesforce access and data security, SDLC, and audit/process modernization.
  • Strong fit for a heavy Senior, Lead, light Manager, or hands-on Manager who wants a role with project variety, ownership, and future leadership potential.
  • Certifications such as CISA, CIA, CISM, CISSP, CRISC, or similar are helpful but not required.
  • Compensation is flexible based on level and experience, with potential to reach a strong all-in package for the right candidate.
  • Excellent benefits, including medical, dental, vision, disability coverage, parental leave, life insurance, 401(k) match, employee stock purchase plan, educational assistance, PTO, holidays, and other voluntary benefits.