ZipRecruiter

Log In

1

It Risk Management Jobs in Tennessee (NOW HIRING)

Bedrock Property Management

IT Manager

Nashville, TN · On-site

$91K - $112K/yr

The IT Manager leads and develops the IT team, establishes operational standards, manages ... Lead cybersecurity initiatives, risk management efforts, vulnerability remediation, and security ...

Oracle

Third-Party Security Advisor

Nashville, TN · On-site

Bachelor's degree in Information Security, Cybersecurity, Computer Science, Information Technology, Risk Management, Business, Supply Chain, Procurement, or a related field, or equivalent practical ...

Tencate Grass

IT Project Manager - IT PMO

Chattanooga, TN · On-site

$89K - $106K/yr

Work closely with international IT colleagues to ensure alignment on global initiatives Risk ... Strong understanding of business consulting, change management, and IT governance concepts * Strong ...

CereCore

Senior IT Project Manager

Nashville, TN · Hybrid

$126K - $127K/yr

Nashville, TN (Hybrid) Position Summary Seeking a Senior IT Project Manager who thrives in complex ... Expertise in risk management, budgeting, and project delivery * Ability to influence, negotiate ...

PERMA PIPE INC

IT Manager - USA

Lebanon, TN

$76K - $93K/yr

Enforce IT governance frameworks, policies, and risk management practices. * Maintain alignment with HSE, quality, and corporate compliance standards. Project Management & Continuous Improvement

New

next page

Showing results 1-20

All JobsIt Risk Management JobsIt Risk Management Jobs in Tennessee

It Risk Management information

See Tennessee salary details

$46.7K

$101.3K

$154.3K

How much do it risk management jobs pay per year?

As of Jun 26, 2026, the average yearly pay for it risk management in Tennessee is $101,250.00, according to ZipRecruiter salary data. Most workers in this role earn between $81,700.00 and $117,100.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an IT Risk Management professional, and why are they important?

To thrive in IT Risk Management, you need a strong understanding of information security principles, risk assessment methodologies, and regulatory compliance frameworks, typically supported by a degree in information technology, cybersecurity, or a related field. Familiarity with risk management tools (such as RSA Archer or MetricStream), knowledge of ISO 27001, and certifications like CISSP or CISM are highly valued. Strong analytical thinking, attention to detail, and effective communication skills help in identifying threats and conveying risks to stakeholders. These skills and qualities are crucial for protecting organizational assets, ensuring compliance, and enabling informed decision-making regarding technology risks.

What are some common challenges faced by IT Risk Management professionals, and how can they effectively address them?

IT Risk Management professionals often encounter challenges such as rapidly evolving cyber threats, balancing compliance with operational efficiency, and communicating technical risks to non-technical stakeholders. Staying updated with the latest security trends and regulations is essential for effective risk assessment. Building strong cross-departmental relationships can help ensure that risk mitigation strategies are both practical and well-understood across the organization. Continuous learning and leveraging risk management frameworks, like NIST or ISO 27001, can also provide a solid foundation for addressing these challenges.

What are the 4 types of risk management?

In IT risk management, the four main types are risk avoidance, risk reduction, risk transfer, and risk acceptance. These strategies help IT professionals identify, assess, and mitigate potential threats to information systems and data security effectively. Understanding these types is essential for developing comprehensive risk management plans and ensuring organizational resilience.

Do risk managers make good money?

Risk managers typically earn competitive salaries that vary based on experience, industry, and location. According to industry data, median annual pay ranges from $70,000 to over $120,000, with higher earnings possible for those with certifications like FRM or CRM and advanced skills in data analysis and risk assessment.

What is the difference between It Risk Management vs Cybersecurity Analyst?

AspectIt Risk ManagementCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentFocus on risk assessment, compliance, and mitigation strategies across IT systemsFocus on monitoring, analyzing, and responding to security threats
Employer & Industry UsageUsed in organizations prioritizing risk management and complianceUsed in security operations centers and cybersecurity teams

While both roles involve IT security, It Risk Management emphasizes assessing and mitigating risks across IT systems, whereas Cybersecurity Analysts focus on detecting and responding to security threats. Understanding these differences helps organizations assign the right roles for their security needs.

What is the highest paying risk management job?

The highest paying risk management roles are often senior positions such as Chief Risk Officer (CRO) or Director of Risk Management, with salaries exceeding $150,000 annually. These roles require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills in overseeing enterprise-wide risk strategies.

What is the role of IT risk management?

IT risk management involves identifying, assessing, and mitigating risks related to information technology systems to ensure data security, business continuity, and compliance. IT risk managers develop strategies, implement controls, and monitor vulnerabilities using tools like risk assessments and security frameworks. This role requires knowledge of cybersecurity, regulatory standards, and risk analysis techniques.

What is IT Risk Management?

IT Risk Management is the process of identifying, assessing, and mitigating risks related to information technology systems and data within an organization. This discipline aims to protect information assets from threats such as cyberattacks, data breaches, and system failures by implementing security controls and policies. Effective IT Risk Management helps organizations comply with regulations, minimize financial losses, and ensure business continuity. Professionals in this field continuously monitor and update risk strategies to adapt to evolving technological threats.
What are popular job titles related to It Risk Management jobs in Tennessee? For It Risk Management jobs in Tennessee, the most frequently searched job titles are:
What job categories do people searching It Risk Management jobs in Tennessee look for? The top searched job categories for It Risk Management jobs in Tennessee are:
It Risk Management jobs near you
Infographic showing various It Risk Management job openings in Tennessee as of June 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $101,250 per year, or $48.7 per hour.

Director of IT Governance, Risk and Compliance

orionfcu

Memphis, TN • On-site

Other

Posted 7 days ago

Job description

POSITION PURPOSE

The Director of IT Governance, Risk and Compliance provides strategic leadership and oversight of the organization's IT risk posture, governance frameworks, and regulatory compliance within a financial services environment. This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The director serves as a key liaison to regulators and internal audit, leads enterprise IT risk programs, and partners closely with information security, legal, compliance, and business units to proactively identify, assess, and mitigate risk across systems, vendors, and emerging technologies.

ESSENTIAL FUNCTIONS AND BASIC DUTIES

1.    Define And maintain the IT risk management framework, ensuring alignment with enterprise risk appetite and business strategy.
2.    Develop and execute a multi year IT risk maturity road map, including governance, controls, and reporting enhancements.
3.    Provide executive level and board reporting on IT risk posture, trends, and emerging threats.
4.    Establish and oversee IT governance structures, policies, standards, and procedures.
5.    Lead enterprise IT risk assessments, including infrastructure, applications, and security architecture reviews.
6.    Identify vulnerabilities, evaluate risk exposure, and ensure timely mitigation of identified issues.
7.    Oversee risk acceptance processes and provide escalation authority for material IT and security risks.
8.    Review and challenge risk decisions, ensuring consistency with organizational risk tolerance.
9.    Serve as primary point of contact for IT regulatory examinations and audits.
10.    Manage IT exam life cycle, including preparation, coordination, and response.
11.    Oversee tracking, reporting, and remediation of IT findings from regulators and internal/ external audits.
12.    Maintain comprehensive documentation of audits, findings, and corrective actions.
13.    Interpret and operationalize regulatory requirements related to IT systems, data protection, and information security to include SOX, data privacy laws, and financial regulations.
14.    Develop and implement strategies to ensure ongoing compliance with applicable laws and standards.
15.    Partner with legal and compliance teams to monitor regulatory changes and assess impact on IT controls.
16.    Provide oversight of IT risk associated with third party vendors, including material risk vendor reviews and escalations.
17.    Collaborate with vendor management teams to ensure adequate controls and risk mitigation strategies.
18.    Assess risks associated with new technologies, products, and services, ensuring appropriate governance and control implementation.
19.    Partner closely with information security to align on security controls, risk assessments, and remediation priorities.
20.    Work with business and technology stakeholders to embed risk management practices into day-to-day operations.
21.    Promote a strong risk-aware culture across the organization.

QUALIFICATIONS

EDUCATION/CERTIFICATION: Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field. Advanced degree preferred. Relevant certifications preferred (e.g., CISM, CRISC, CISSP, CISA)
REQUIRED KNOWLEDGE: Strong understanding of SOX, data privacy regulations, and technology compliance requirements.

EXPERIENCE REQUIRED: Ten or more (10+) years of progressive experience in IT risk management, IT audit, information security, or governance within financial services or a highly regulated industry.
Deep expertise in IT risk frameworks, such as NIST, COBIT, ISO 27001, and regulatory environments.
Proven experience managing regulatory exams and audit engagements.

SKILLS/ABILITIES:

Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership.
Demonstrated ability to lead complex risk programs and influence senior stakeholders, including executive leadership.
Very strong analytical & problem-solving skills

Apply