This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Cybersecurity Risk Analyst
Nashville, TN · On-site
A minimum of 3-4 years in Information Technology * A minimum of 2 years' experience in cybersecurity risk management * A Bachelor's or Master's Degree in a relevant field of work * Strong analytical ...
Cybersecurity Risk Analyst
Nashville, TN · On-site
A minimum of 3-4 years in Information Technology * A minimum of 2 years' experience in cybersecurity risk management * A Bachelor's or Master's Degree in a relevant field of work * Strong analytical ...
A minimum of 3-4 years in Information Technology * A minimum of 2 years' experience in cybersecurity risk management * A Bachelor's or Master's Degree in a relevant field of work * Strong analytical ...
A minimum of 3-4 years in Information Technology * A minimum of 2 years' experience in cybersecurity risk management * A Bachelor's or Master's Degree in a relevant field of work * Strong analytical ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
IT Manager
Nashville, TN · On-site
$91K - $112K/yr
The IT Manager leads and develops the IT team, establishes operational standards, manages ... Lead cybersecurity initiatives, risk management efforts, vulnerability remediation, and security ...
IT Manager
Nashville, TN · On-site
$91K - $112K/yr
The IT Manager leads and develops the IT team, establishes operational standards, manages ... Lead cybersecurity initiatives, risk management efforts, vulnerability remediation, and security ...
2027 TRC Fall Internship - St. Louis, Kansas City, or Nashville
Nashville, TN · On-site
$14.50 - $19.25/hr
... IT Audit Managers and clients, you will gain an understanding of the client's IT systems, infrastructure, and control environment. You will apply that understanding to a variety of IT risk and ...
2027 TRC Fall Internship - St. Louis, Kansas City, or Nashville
Nashville, TN · On-site
$14.50 - $19.25/hr
... IT Audit Managers and clients, you will gain an understanding of the client's IT systems, infrastructure, and control environment. You will apply that understanding to a variety of IT risk and ...
Leads Information Security and Technology Risk Management for an assigned Business Unit, ensuring alignment with enterprise security strategy, business objectives, and regulatory obligations.
Leads Information Security and Technology Risk Management for an assigned Business Unit, ensuring alignment with enterprise security strategy, business objectives, and regulatory obligations.
Leads Information Security and Technology Risk Management for an assigned Business Unit, ensuring alignment with enterprise security strategy, business objectives, and regulatory obligations.
Leads Information Security and Technology Risk Management for an assigned Business Unit, ensuring alignment with enterprise security strategy, business objectives, and regulatory obligations.
Leads Information Security and Technology Risk Management for an assigned Business Unit, ensuring alignment with enterprise security strategy, business objectives, and regulatory obligations.
Leads Information Security and Technology Risk Management for an assigned Business Unit, ensuring alignment with enterprise security strategy, business objectives, and regulatory obligations.
... IT risk management, audit, or security with a focus on governance, risk, and compliance * 3 years of experience working with compliance auditing and controls We have a preference for: * Knowledge of ...
Quick apply
... IT risk management, audit, or security with a focus on governance, risk, and compliance * 3 years of experience working with compliance auditing and controls We have a preference for: * Knowledge of ...
It Risk Management information
See Tennessee salary details
$46.7K - $56.5K
4% of jobs
$56.5K - $66.3K
6% of jobs
$66.3K - $76.1K
11% of jobs
$79.7K is the 25th percentile. Wages below this are outliers.
$76.1K - $85.9K
11% of jobs
The median wage is $93.6K / yr.
$85.9K - $95.6K
23% of jobs
$95.6K - $105.4K
13% of jobs
$111.9K is the 75th percentile. Wages above this are outliers.
$105.4K - $115.2K
12% of jobs
$115.2K - $125K
8% of jobs
$125K - $134.7K
6% of jobs
$134.7K - $144.5K
4% of jobs
$144.5K - $154.3K
2% of jobs
$46.7K
$101.3K
$154.3K
How much do it risk management jobs pay per year?
What are the key skills and qualifications needed to thrive as an IT Risk Management professional, and why are they important?
What are careers in risk management?
What are some common challenges faced by IT Risk Management professionals, and how can they effectively address them?
What is the difference between It Risk Management vs Cybersecurity Analyst?
| Aspect | It Risk Management | Cybersecurity Analyst |
|---|---|---|
| Required Credentials | Certifications like CRISC, CISSP, CISA | Certifications like CompTIA Security+, CISSP, CEH |
| Work Environment | Focus on risk assessment, compliance, and mitigation strategies across IT systems | Focus on monitoring, analyzing, and responding to security threats |
| Employer & Industry Usage | Used in organizations prioritizing risk management and compliance | Used in security operations centers and cybersecurity teams |
While both roles involve IT security, It Risk Management emphasizes assessing and mitigating risks across IT systems, whereas Cybersecurity Analysts focus on detecting and responding to security threats. Understanding these differences helps organizations assign the right roles for their security needs.
What is the highest paying risk management job?
Is it risk a good career?
What is the role of IT risk management?
What is IT Risk Management?

Other
Re-posted 27 days ago
Job description
POSITION PURPOSE
The Director of IT Governance, Risk and Compliance provides strategic leadership and oversight of the organization's IT risk posture, governance frameworks, and regulatory compliance within a financial services environment. This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The director serves as a key liaison to regulators and internal audit, leads enterprise IT risk programs, and partners closely with information security, legal, compliance, and business units to proactively identify, assess, and mitigate risk across systems, vendors, and emerging technologies.
ESSENTIAL FUNCTIONS AND BASIC DUTIES
1. Â Â Define And maintain the IT risk management framework, ensuring alignment with enterprise risk appetite and business strategy.
2. Â Â Develop and execute a multi year IT risk maturity road map, including governance, controls, and reporting enhancements.
3. Â Â Provide executive level and board reporting on IT risk posture, trends, and emerging threats.
4. Â Â Establish and oversee IT governance structures, policies, standards, and procedures.
5. Â Â Lead enterprise IT risk assessments, including infrastructure, applications, and security architecture reviews.
6. Â Â Identify vulnerabilities, evaluate risk exposure, and ensure timely mitigation of identified issues.
7. Â Â Oversee risk acceptance processes and provide escalation authority for material IT and security risks.
8. Â Â Review and challenge risk decisions, ensuring consistency with organizational risk tolerance.
9. Â Â Serve as primary point of contact for IT regulatory examinations and audits.
10. Â Â Manage IT exam life cycle, including preparation, coordination, and response.
11. Â Â Oversee tracking, reporting, and remediation of IT findings from regulators and internal/ external audits.
12. Â Â Maintain comprehensive documentation of audits, findings, and corrective actions.
13. Â Â Interpret and operationalize regulatory requirements related to IT systems, data protection, and information security to include SOX, data privacy laws, and financial regulations.
14. Â Â Develop and implement strategies to ensure ongoing compliance with applicable laws and standards.
15. Â Â Partner with legal and compliance teams to monitor regulatory changes and assess impact on IT controls.
16. Â Â Provide oversight of IT risk associated with third party vendors, including material risk vendor reviews and escalations.
17. Â Â Collaborate with vendor management teams to ensure adequate controls and risk mitigation strategies.
18. Â Â Assess risks associated with new technologies, products, and services, ensuring appropriate governance and control implementation.
19. Â Â Partner closely with information security to align on security controls, risk assessments, and remediation priorities.
20. Â Â Work with business and technology stakeholders to embed risk management practices into day-to-day operations.
21. Â Â Promote a strong risk-aware culture across the organization.
QUALIFICATIONS
EDUCATION/CERTIFICATION: Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field. Advanced degree preferred. Relevant certifications preferred (e.g., CISM, CRISC, CISSP, CISA)
REQUIRED KNOWLEDGE: Strong understanding of SOX, data privacy regulations, and technology compliance requirements.
EXPERIENCE REQUIRED: Ten or more (10+) years of progressive experience in IT risk management, IT audit, information security, or governance within financial services or a highly regulated industry.
Deep expertise in IT risk frameworks, such as NIST, COBIT, ISO 27001, and regulatory environments.
Proven experience managing regulatory exams and audit engagements.
SKILLS/ABILITIES:
Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership.
Demonstrated ability to lead complex risk programs and influence senior stakeholders, including executive leadership.
Very strong analytical & problem-solving skills