General Characteristics Leads, develops and maintains the IT risk and compliance management strategy. Develops and maintains policy, standards, processes and procedures to assess, monitor, report ...
General Characteristics Leads, develops and maintains the IT risk and compliance management strategy. Develops and maintains policy, standards, processes and procedures to assess, monitor, report ...
Director, Technology Risk
New York, NY ยท On-site
... IT risk management within a global Fintech, Financial Services, or enterprise technology ... organization * Proven track record building or significantly maturing a technology risk practice ...
Director, Technology Risk
New York, NY ยท On-site
... IT risk management within a global Fintech, Financial Services, or enterprise technology ... organization * Proven track record building or significantly maturing a technology risk practice ...
IT Risk Manager
Chicago, IL ยท Hybrid
Partner with Enterprise Risk Management in the execution of Risk and Control Self Assessments ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
IT Risk Manager
Chicago, IL ยท Hybrid
Partner with Enterprise Risk Management in the execution of Risk and Control Self Assessments ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
Director, Technology Risk
Norwalk, CT ยท On-site
... IT risk management within a global Fintech, Financial Services, or enterprise technology ... organization * Proven track record building or significantly maturing a technology risk practice ...
Director, Technology Risk
Norwalk, CT ยท On-site
... IT risk management within a global Fintech, Financial Services, or enterprise technology ... organization * Proven track record building or significantly maturing a technology risk practice ...
Requirements โข Foundational understanding of technology risk, IT controls, and governance concepts. โข Basic knowledge of cybersecurity and technology risk management. โข Familiarity with NIST ...
Quick apply
Requirements โข Foundational understanding of technology risk, IT controls, and governance concepts. โข Basic knowledge of cybersecurity and technology risk management. โข Familiarity with NIST ...
IT Risk Manager
San Francisco, CA ยท Hybrid
Partner with Enterprise Risk Management in the execution of Risk and Control Self Assessments ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
IT Risk Manager
San Francisco, CA ยท Hybrid
Partner with Enterprise Risk Management in the execution of Risk and Control Self Assessments ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
Technology Risk Lead
Richmond, VA ยท On-site
This role will leverage depth in technology risk management to partner across multiple ... Manage and track a consolidated program for all interactions between Harris Williams IT/Security ...
Technology Risk Lead
Richmond, VA ยท On-site
This role will leverage depth in technology risk management to partner across multiple ... Manage and track a consolidated program for all interactions between Harris Williams IT/Security ...
Sr Director, Technology Risk (Hybrid)
Newark, NJ ยท On-site
$160K - $210K/yr
Ensure team is compliant with company requirements * IT Audit Leadership: Manage internal and ... AI & Model Risk Governance: Establish and maintain model governance frameworks, ensuring model ...
Sr Director, Technology Risk (Hybrid)
Newark, NJ ยท On-site
$160K - $210K/yr
Ensure team is compliant with company requirements * IT Audit Leadership: Manage internal and ... AI & Model Risk Governance: Establish and maintain model governance frameworks, ensuring model ...
Initiate and manage third-party due diligence questionnaires (DDQs) and responses; reviewing and ... Conduct IT risk identification and analysis across applications, network and infrastructure, and ...
Initiate and manage third-party due diligence questionnaires (DDQs) and responses; reviewing and ... Conduct IT risk identification and analysis across applications, network and infrastructure, and ...
AVP, IT & AI Governance
$171.80K - $215K/yr
The AVP will oversee IT governance, AI governance, model risk alignment, technology risk management, and regulatory compliance across the organization. This role serves as a key control function ...
AVP, IT & AI Governance
$171.80K - $215K/yr
The AVP will oversee IT governance, AI governance, model risk alignment, technology risk management, and regulatory compliance across the organization. This role serves as a key control function ...
Sr Director, Technology Risk (Hybrid)
New York, NY ยท Hybrid
$160K - $210K/yr
Ensure team is compliant with company requirements * IT Audit Leadership: Manage internal and ... AI & Model Risk Governance: Establish and maintain model governance frameworks, ensuring model ...
Sr Director, Technology Risk (Hybrid)
New York, NY ยท Hybrid
$160K - $210K/yr
Ensure team is compliant with company requirements * IT Audit Leadership: Manage internal and ... AI & Model Risk Governance: Establish and maintain model governance frameworks, ensuring model ...
AVP, IT & AI Governance
Coral Gables, FL ยท On-site
$150.20K - $187.90K/yr
The AVP will oversee IT governance, AI governance, model risk alignment, technology risk management, and regulatory compliance across the organization. This role serves as a key control function ...
AVP, IT & AI Governance
Coral Gables, FL ยท On-site
$150.20K - $187.90K/yr
The AVP will oversee IT governance, AI governance, model risk alignment, technology risk management, and regulatory compliance across the organization. This role serves as a key control function ...
... IT staffing/consulting company. Procom's areas of staffing expertise include: Application Development Project Management Quality Assurance Business/Systems Analysis Datawarehouse & Business ...
... IT staffing/consulting company. Procom's areas of staffing expertise include: Application Development Project Management Quality Assurance Business/Systems Analysis Datawarehouse & Business ...
Sr Technology Risk Consultant
Minneapolis, MN ยท On-site
$85K - $104K/yr
Broad information technology experience. Understanding of controls in a technology environment. * 3-5 years risk management or internal audit experience within a Technology organization. * Good ...
Sr Technology Risk Consultant
Minneapolis, MN ยท On-site
$85K - $104K/yr
Broad information technology experience. Understanding of controls in a technology environment. * 3-5 years risk management or internal audit experience within a Technology organization. * Good ...
Senior IT Audit & Assurance Analyst
Raleigh, NC ยท On-site +1
... manage risk and drive growth. Our solutions automate key processes and allow our customers to ... Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ...
New
Quick apply
Senior IT Audit & Assurance Analyst
Raleigh, NC ยท On-site +1
... manage risk and drive growth. Our solutions automate key processes and allow our customers to ... Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ...
New
The Technology Risk team for Corporate Services Technology (CST) within Enterprise Technology Risk ... Manage IT Controls program activities; this includes managing the Controls Inventory in GRC ...
The Technology Risk team for Corporate Services Technology (CST) within Enterprise Technology Risk ... Manage IT Controls program activities; this includes managing the Controls Inventory in GRC ...
Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ... Manage ad-hoc SOC 1 and SOC 2 audit engagements for newly acquired products not yet in scope of the ...
New
Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ... Manage ad-hoc SOC 1 and SOC 2 audit engagements for newly acquired products not yet in scope of the ...
New
Senior IT Audit & Assurance Analyst
Raleigh, NC ยท On-site +1
... manage risk and drive growth. Our solutions automate key processes and allow our customers to ... Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ...
New
Senior IT Audit & Assurance Analyst
Raleigh, NC ยท On-site +1
... manage risk and drive growth. Our solutions automate key processes and allow our customers to ... Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ...
New
The Technology Risk team for Corporate Services Technology (CST) within Enterprise Technology Risk ... Manage IT Controls program activities; this includes managing the Controls Inventory in GRC ...
The Technology Risk team for Corporate Services Technology (CST) within Enterprise Technology Risk ... Manage IT Controls program activities; this includes managing the Controls Inventory in GRC ...
The Technology Risk team for Corporate Services Technology (CST) within Enterprise Technology Risk ... Manage IT Controls program activities; this includes managing the Controls Inventory in GRC ...
The Technology Risk team for Corporate Services Technology (CST) within Enterprise Technology Risk ... Manage IT Controls program activities; this includes managing the Controls Inventory in GRC ...
It Risk Management information
See salary details
$51.5K - $62.3K
4% of jobs
$62.3K - $73K
6% of jobs
$73K - $83.8K
11% of jobs
$87.9K is the 25th percentile. Wages below this are outliers.
$83.8K - $94.6K
11% of jobs
The median wage is $103.2K / yr.
$94.6K - $105.4K
23% of jobs
$105.4K - $116.1K
13% of jobs
$123.2K is the 75th percentile. Wages above this are outliers.
$116.1K - $126.9K
12% of jobs
$126.9K - $137.7K
8% of jobs
$137.7K - $148.5K
6% of jobs
$148.5K - $159.2K
4% of jobs
$159.2K - $170K
2% of jobs
$51.5K
$111.6K
$170K
How much do it risk management jobs pay per year?
As of May 30, 2026, the average yearly pay for it risk management in the United States is $111,556.00, according to ZipRecruiter salary data. Most workers in this role earn between $90,000.00 and $129,000.00 per year, depending on experience, location, and employer.
What are the key skills and qualifications needed to thrive as an IT Risk Management professional, and why are they important?
To thrive in IT Risk Management, you need a strong understanding of information security principles, risk assessment methodologies, and regulatory compliance frameworks, typically supported by a degree in information technology, cybersecurity, or a related field. Familiarity with risk management tools (such as RSA Archer or MetricStream), knowledge of ISO 27001, and certifications like CISSP or CISM are highly valued. Strong analytical thinking, attention to detail, and effective communication skills help in identifying threats and conveying risks to stakeholders. These skills and qualities are crucial for protecting organizational assets, ensuring compliance, and enabling informed decision-making regarding technology risks.
What are some common challenges faced by IT Risk Management professionals, and how can they effectively address them?
IT Risk Management professionals often encounter challenges such as rapidly evolving cyber threats, balancing compliance with operational efficiency, and communicating technical risks to non-technical stakeholders. Staying updated with the latest security trends and regulations is essential for effective risk assessment. Building strong cross-departmental relationships can help ensure that risk mitigation strategies are both practical and well-understood across the organization. Continuous learning and leveraging risk management frameworks, like NIST or ISO 27001, can also provide a solid foundation for addressing these challenges.
What is IT Risk Management?
IT Risk Management is the process of identifying, assessing, and mitigating risks related to information technology systems and data within an organization. This discipline aims to protect information assets from threats such as cyberattacks, data breaches, and system failures by implementing security controls and policies. Effective IT Risk Management helps organizations comply with regulations, minimize financial losses, and ensure business continuity. Professionals in this field continuously monitor and update risk strategies to adapt to evolving technological threats.
What is the difference between It Risk Management vs Cybersecurity Analyst?
| Aspect | It Risk Management | Cybersecurity Analyst |
|---|---|---|
| Required Credentials | Certifications like CRISC, CISSP, CISA | Certifications like CompTIA Security+, CISSP, CEH |
| Work Environment | Focus on risk assessment, compliance, and mitigation strategies across IT systems | Focus on monitoring, analyzing, and responding to security threats |
| Employer & Industry Usage | Used in organizations prioritizing risk management and compliance | Used in security operations centers and cybersecurity teams |
While both roles involve IT security, It Risk Management emphasizes assessing and mitigating risks across IT systems, whereas Cybersecurity Analysts focus on detecting and responding to security threats. Understanding these differences helps organizations assign the right roles for their security needs.
More about It Risk Management jobs
What cities are hiring for It Risk Management jobs? Cities with the most It Risk Management job openings:
What states have the most It Risk Management jobs? States with the most job openings for It Risk Management jobs include:
What job categories do people searching It Risk Management jobs look for? The top searched job categories for It Risk Management jobs are:
Full-time
Posted 7 days ago
Job description
General Characteristics
Leads, develops and maintains the IT risk and compliance management strategy. Develops and maintains policy, standards, processes and procedures to assess, monitor, report, escalate and remediate IT risk and compliance related issues. Works collaboratively with corporate compliance, internal auditing and corporate risk management and various technical teams in the design and implementation of audit, risk assessment and regulatory compliance practices for IT. Leads cross-functional teams in performing reviews and tests of IT internal controls to ensure that existing IT systems are operating as designed and that they contain adequate controls. Facilitates risk assessments and identifies risk themes. Proactively promotes enhancement of technology-related internal controls awareness and training across IT and business units.
Monitors and analyzes technology risk trends, recommends appropriate IT policies, procedures and practices to strengthen internal operations. Directs IT functional teams in the development, implementation, monitoring and reporting of control processes, documentation and compliance routines. Advises IT and business executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems. Educates IT and business executives on appropriate mitigation strategies and approaches. Provides oversight regarding audit, regulatory and risk management activities across IT functional areas, such as the development and maintenance of regulatory documentation (e.g., Sarbanes-Oxley Act compliance). Coordinates the IT component of both internal and external audits, federal and state examinations. Possesses detailed knowledge of industry regulatory environment and risk management practices, and thorough understanding of local and federal regulations such as Sarbanes-Oxley, Basel II, and HIPAA.
Education: Bachelor's Degree in Computer Science, Information Systems, Business Administration, or other related field. Or equivalent work experience.
Experience: A minimum of 10 years of IT and business work experience including managing team(s) responsible for risk management, compliance and audit, information security management.
Breadth: Senior level management in risk and compliance management. Has overall responsibility for department decisions and management. Provides strategic direction, coaches and mentors more junior management staff and/or senior level professionals. Has accountability for IT functional/departmental results. Frequently reports to a corporate risk management executive, Chief Financial Officer or Chief Information Officer.
*Please note that this application is part of our candidate pool for future staffing needs under our contract with the State of Florida. Positions may not be available immediately, and job locations, assignments, and start dates may vary depending on agency requirements. By applying, you will be considered for current and upcoming opportunities, and we will reach out if a role that matches your skills and qualifications becomes available.*
Leads, develops and maintains the IT risk and compliance management strategy. Develops and maintains policy, standards, processes and procedures to assess, monitor, report, escalate and remediate IT risk and compliance related issues. Works collaboratively with corporate compliance, internal auditing and corporate risk management and various technical teams in the design and implementation of audit, risk assessment and regulatory compliance practices for IT. Leads cross-functional teams in performing reviews and tests of IT internal controls to ensure that existing IT systems are operating as designed and that they contain adequate controls. Facilitates risk assessments and identifies risk themes. Proactively promotes enhancement of technology-related internal controls awareness and training across IT and business units.
Monitors and analyzes technology risk trends, recommends appropriate IT policies, procedures and practices to strengthen internal operations. Directs IT functional teams in the development, implementation, monitoring and reporting of control processes, documentation and compliance routines. Advises IT and business executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems. Educates IT and business executives on appropriate mitigation strategies and approaches. Provides oversight regarding audit, regulatory and risk management activities across IT functional areas, such as the development and maintenance of regulatory documentation (e.g., Sarbanes-Oxley Act compliance). Coordinates the IT component of both internal and external audits, federal and state examinations. Possesses detailed knowledge of industry regulatory environment and risk management practices, and thorough understanding of local and federal regulations such as Sarbanes-Oxley, Basel II, and HIPAA.
Education: Bachelor's Degree in Computer Science, Information Systems, Business Administration, or other related field. Or equivalent work experience.
Experience: A minimum of 10 years of IT and business work experience including managing team(s) responsible for risk management, compliance and audit, information security management.
Breadth: Senior level management in risk and compliance management. Has overall responsibility for department decisions and management. Provides strategic direction, coaches and mentors more junior management staff and/or senior level professionals. Has accountability for IT functional/departmental results. Frequently reports to a corporate risk management executive, Chief Financial Officer or Chief Information Officer.
*Please note that this application is part of our candidate pool for future staffing needs under our contract with the State of Florida. Positions may not be available immediately, and job locations, assignments, and start dates may vary depending on agency requirements. By applying, you will be considered for current and upcoming opportunities, and we will reach out if a role that matches your skills and qualifications becomes available.*