Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists ... Manage the internal sales process, including proposal development, competitive assessments, multi ...
Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists ... Manage the internal sales process, including proposal development, competitive assessments, multi ...
Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists ... Manage the internal sales process, including proposal development, competitive assessments, multi ...
Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists ... Manage the internal sales process, including proposal development, competitive assessments, multi ...
Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists ... Manage the internal sales process, including proposal development, competitive assessments, multi ...
Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists ... Manage the internal sales process, including proposal development, competitive assessments, multi ...
Associate Vice President of Information Technology / Chief Information Officer
Melbourne, FL · On-site
$145K - $182K/yr
Establish and oversee IT governance frameworks that ensure transparency, accountability, value realization, and risk management. Serve as a trusted advisor to leadership on technology, financial ...
Associate Vice President of Information Technology / Chief Information Officer
Melbourne, FL · On-site
$145K - $182K/yr
Establish and oversee IT governance frameworks that ensure transparency, accountability, value realization, and risk management. Serve as a trusted advisor to leadership on technology, financial ...
Associate Vice President of Information Technology / Chief Information Officer
Melbourne, FL · On-site
$145K - $182K/yr
Establish and oversee IT governance frameworks that ensure transparency, accountability, value realization, and risk management. Serve as a trusted advisor to leadership on technology, financial ...
Associate Vice President of Information Technology / Chief Information Officer
Melbourne, FL · On-site
$145K - $182K/yr
Establish and oversee IT governance frameworks that ensure transparency, accountability, value realization, and risk management. Serve as a trusted advisor to leadership on technology, financial ...
Director IT Embedded Risk
Tampa, FL · On-site
Being a member of IT FinSight Delivery team, the IT Risk Management works closely with technology leaders to strengthen risk awareness, enhance the control environment, and support the resilient ...
Director IT Embedded Risk
Tampa, FL · On-site
Being a member of IT FinSight Delivery team, the IT Risk Management works closely with technology leaders to strengthen risk awareness, enhance the control environment, and support the resilient ...
Working closely with executive management, you will help set the organization's risk tolerance and implement the right controls to support it. This is a highly visible and influential role where your ...
Working closely with executive management, you will help set the organization's risk tolerance and implement the right controls to support it. This is a highly visible and influential role where your ...
Tech Risk and Controls Lead
Tampa, FL · On-site
$40K - $52K/yr
Obtain 5 plus years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
Tech Risk and Controls Lead
Tampa, FL · On-site
$40K - $52K/yr
Obtain 5 plus years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
Work on multiple projects simultaneously and manage priorities to meet deadlines * Conduct special purpose or consulting assignments * Supervise a team of IT Risk professionals Preferred ...
Work on multiple projects simultaneously and manage priorities to meet deadlines * Conduct special purpose or consulting assignments * Supervise a team of IT Risk professionals Preferred ...
Tech Risk and Controls Lead
Tampa, FL · On-site
$40K - $52K/yr
Obtain 5 plus years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
Tech Risk and Controls Lead
Tampa, FL · On-site
$40K - $52K/yr
Obtain 5 plus years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
Work on multiple projects simultaneously and manage priorities to meet deadlines * Conduct special purpose or consulting assignments * Supervise a team of IT Risk professionals Preferred ...
Work on multiple projects simultaneously and manage priorities to meet deadlines * Conduct special purpose or consulting assignments * Supervise a team of IT Risk professionals Preferred ...
Work on multiple projects simultaneously and manage priorities to meet deadlines * Conduct special purpose or consulting assignments * Supervise a team of IT Risk professionals Preferred ...
Work on multiple projects simultaneously and manage priorities to meet deadlines * Conduct special purpose or consulting assignments * Supervise a team of IT Risk professionals Preferred ...
Lead and manage complex IT risk advisory and internal audit engagements for middle-market and large clients * Advise clients on IT governance, IT general controls (ITGCs), cybersecurity risk, SOX ...
Lead and manage complex IT risk advisory and internal audit engagements for middle-market and large clients * Advise clients on IT governance, IT general controls (ITGCs), cybersecurity risk, SOX ...
Tech Risk and Controls Lead
Tampa, FL · On-site
$40K - $52K/yr
Obtain 5 plus years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
Tech Risk and Controls Lead
Tampa, FL · On-site
$40K - $52K/yr
Obtain 5 plus years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
Lead and manage complex IT risk advisory and internal audit engagements for middle-market and large clients * Advise clients on IT governance, IT general controls (ITGCs), cybersecurity risk, SOX ...
Lead and manage complex IT risk advisory and internal audit engagements for middle-market and large clients * Advise clients on IT governance, IT general controls (ITGCs), cybersecurity risk, SOX ...
Lead and manage complex IT risk advisory and internal audit engagements for middle-market and large clients * Advise clients on IT governance, IT general controls (ITGCs), cybersecurity risk, SOX ...
Lead and manage complex IT risk advisory and internal audit engagements for middle-market and large clients * Advise clients on IT governance, IT general controls (ITGCs), cybersecurity risk, SOX ...
Technology & Cloud Compliance -- Evaluate IT, cloud, and data environment controls (IAM, encryption ... Client Delivery -- Support workplans, manage assigned tasks, gather requirements, and contribute to ...
New
Technology & Cloud Compliance -- Evaluate IT, cloud, and data environment controls (IAM, encryption ... Client Delivery -- Support workplans, manage assigned tasks, gather requirements, and contribute to ...
New
Technology & Cloud Compliance - Evaluate IT, cloud, and data environment controls (IAM, encryption ... Client Delivery - Support workplans, manage assigned tasks, gather requirements, and contribute to ...
New
Technology & Cloud Compliance - Evaluate IT, cloud, and data environment controls (IAM, encryption ... Client Delivery - Support workplans, manage assigned tasks, gather requirements, and contribute to ...
New
Maintain a centralized IT risk register and track remediation plans. * Coordinate IT audits, control testing, and evidence management. Security Architecture & Engineering Integration * Establish and ...
Maintain a centralized IT risk register and track remediation plans. * Coordinate IT audits, control testing, and evidence management. Security Architecture & Engineering Integration * Establish and ...
Maintain a centralized IT risk register and track remediation plans. * Coordinate IT audits, control testing, and evidence management. Security Architecture & Engineering Integration * Establish and ...
Maintain a centralized IT risk register and track remediation plans. * Coordinate IT audits, control testing, and evidence management. Security Architecture & Engineering Integration * Establish and ...
It Risk Manager information
See Florida salary details
$38.5K - $46.5K
4% of jobs
$46.5K - $54.6K
6% of jobs
$54.6K - $62.6K
11% of jobs
$65.7K is the 25th percentile. Wages below this are outliers.
$62.6K - $70.7K
11% of jobs
The median wage is $77.1K / yr.
$70.7K - $78.7K
23% of jobs
$78.7K - $86.8K
13% of jobs
$92.1K is the 75th percentile. Wages above this are outliers.
$86.8K - $94.8K
12% of jobs
$94.8K - $102.9K
8% of jobs
$102.9K - $110.9K
6% of jobs
$110.9K - $119K
4% of jobs
$119K - $127K
2% of jobs
$38.5K
$83.4K
$127K
How much do it risk manager jobs pay per year?
What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?
What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?
What is the highest salary for a risk manager?
What does an IT Risk Manager do?
Is risk a good career?
What is the difference between It Risk Manager vs Cybersecurity Analyst?
| Aspect | It Risk Manager | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CISSP, Security+, CEH |
| Work Environment | Oversees risk management strategies across IT systems | Monitors and responds to security threats and incidents |
| Industry Usage | Used in organizations with complex IT infrastructures | Common in security-focused roles across industries |
The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.
How much does a risk manager get paid?
What is the role of IT risk manager?

Full-time
Posted 16 days ago
Job description
We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM.
ESSENTIAL DUTIES
Cyber & Risk Account Leadership & Planning
- Develop and execute strategic account plans for assigned cyber and risk consulting accounts, establishing clear revenue targets, relationship milestones, and cross-sell initiatives aligned with client enterprise risk priorities, regulatory obligations, cyber maturity goals, and resilience roadmaps.
- Conduct quarterly account reviews with internal stakeholders, including cyber strategy, technology risk, IT audit, governance risk and compliance, privacy, third-party risk, cloud security, incident response, and managed security leaders to identify expansion opportunities and design integrated risk advisory solutions.
- Establish and maintain executive relationship mapping for each account, identifying CISOs, CIOs, CROs, CFOs, General Counsel, audit committee members, compliance leaders, privacy officers, and business unit executives to enable multi-threaded engagement around cyber risk and enterprise resilience.
- Lead the transition of single-service cyber or risk clients into integrated advisory partnerships by connecting security, compliance, operational resilience, technology risk, privacy, and third-party risk challenges to RSM's broader cyber and risk consulting portfolio.
Revenue Growth & Service Expansion
- Drive year-over-year organic revenue growth within assigned accounts through renewals, upsells, and cross-sells of cyber and risk services, including cyber strategy and governance, technology risk, IT audit, regulatory compliance, privacy, data protection, third-party risk management, cloud security, incident readiness, and managed risk services.
- Identify and qualify high-value expansion opportunities by analyzing client risk maturity, cyber program effectiveness, regulatory pressure, threat exposure, control gaps, audit findings, vendor risk, and resilience needs, then connecting those priorities to RSM's integrated advisory capabilities.
- Develop and present multi-service value propositions to CISO, CIO, CRO, CFO, General Counsel, audit committee, and board-level audiences, using risk assessments, maturity benchmarks, regulatory drivers, cyber risk quantification, business impact scenarios, and resilience roadmaps to justify investment.
- Forecast and manage the cyber and risk consulting pipeline, including opportunity sizing, probability weighting, close forecasting, and quarterly reviews across cyber strategy, technology risk, IT audit, compliance, privacy, third-party risk, cloud security, incident response, and managed risk services.
Client Relationship & Executive Engagement
- Serve as the primary point of contact and trusted cyber and risk advisor for assigned accounts, building relationships grounded in a deep understanding of the client's business model, threat landscape, control environment, regulatory obligations, and enterprise risk priorities.
- Conduct QBRs and executive business reviews with CISO, CIO, CRO, CFO, General Counsel, audit committee, and C-suite leadership, presenting account performance, cyber maturity insights, risk themes, regulatory developments, control improvement opportunities, and recommendations for expanded advisory support.
- Maintain consistent engagement through strategic calls, risk briefings, cyber trend updates, control workshops, tabletop exercises, and in-person visits focused on evolving risk priorities, program maturity, regulatory readiness, and resilience needs.
- Build multi-threaded relationships across executive leadership, cyber and IT leadership, compliance, legal, finance, internal audit, procurement, and business unit stakeholders to reduce single-point-of-contact risk and increase strategic influence.
- Cultivate client advocacy through cyber program success stories, risk transformation case studies, board and peer referrals, and thought leadership engagement; establish accounts as referenceable clients for RSM's cyber and risk consulting practice.
Cyber & Risk Consulting Service Integration
- Lead the identification and launch of integrated cyber and risk initiatives that position RSM as the primary advisory partner across cyber strategy, governance, technology risk, IT audit, regulatory compliance, privacy, third-party risk, resilience, cloud security, and managed risk services.
- Collaborate with cyber strategists, risk advisors, IT audit professionals, compliance specialists, privacy practitioners, cloud security architects, incident response leaders, and managed services teams to design and scope integrated solutions addressing clients' highest-priority cyber and enterprise risk challenges.
- Manage the internal sales process, including proposal development, competitive assessments, multi-discipline client presentations, and unified positioning of RSM's cyber and risk advisory capabilities.
- Track and report on service line penetration within each account, establishing adoption goals across cyber strategy, technology risk, IT audit, compliance, privacy, third-party risk, incident readiness, and managed risk services.
Client Risk Success & Account Health
- Develop and monitor a composite account health score that incorporates relationship breadth, renewal and expansion status, cyber and risk maturity progression, delivery satisfaction, competitive positioning, regulatory urgency, and service expansion pipeline.
- Proactively identify at-risk accounts by monitoring engagement levels, risk roadmap alignment, audit findings, cyber incidents, regulatory pressure, delivery satisfaction, competitive threats, and renewal status; design interventions to stabilize and expand relationships.
- Work closely with delivery teams and cyber and risk practice leaders to ensure service delivery excellence, measurable risk reduction, control improvement, regulatory readiness, resilience outcomes, and realization of agreed client success criteria.
- Manage contract renewals and expansion discussions, ensuring on-time renewal execution and leveraging renewal conversations to expand service scope, improve cyber maturity, address emerging risk needs, and capture incremental advisory revenue.
Cyber, Risk & Regulatory Intelligence
- Develop deep industry, cyber, and risk expertise relevant to assigned accounts, staying abreast of threat trends, regulatory developments, privacy requirements, control frameworks, resilience expectations, cloud security concerns, third-party risk, and technology risk management practices.
- Bring curated cyber threat intelligence, risk trends, regulatory updates, maturity benchmarks, control improvement insights, and board-level business impact analyses to client conversations, positioning RSM as a strategic cyber and risk advisor.
- Identify and communicate emerging cyber and risk challenges, including ransomware exposure, cloud misconfiguration, identity and access risk, data privacy obligations, vendor risk, regulatory scrutiny, operational resilience, and audit readiness that create opportunities for expanded RSM engagement.
Metrics, Forecasting & Accountability
- Manage account portfolio to deliver individual and team revenue targets, expansion KPIs, service breadth, net revenue retention, renewal rate, and client satisfaction metrics for cyber and risk consulting services.
- Maintain accurate and timely account data within Salesforce, including opportunity pipeline, account plans, forecast assumptions, client interaction history, risk maturity assessments, regulatory drivers, and service adoption tracking.
- Prepare monthly and quarterly account performance reports, including revenue trends, service adoption, renewal status, cyber and risk opportunities, account health assessments, risk themes, and forecast updates.
- Achieve and maintain KPI targets including annual revenue growth, strong renewal performance, net revenue retention, multi-service cyber and risk engagement, adjacent service sell-through, and high client satisfaction for assigned accounts.
Required Qualifications:
- Bachelor's degree OR direct relevant past selling experience
- Minimum 5 years of professional services sales and/or account management
- Minimum 2 years of professional experience representing, client serving, managing or selling services
- Proficient in Microsoft Office suite (Word, Excel, PowerPoint)
- CRM experience for sales and/or account management application and requirements
- Formal sales process training (consultative selling, solution-based selling, complex sales or related consultative selling approaches)
- Demonstrated ability to lead a comprehensive and often complex sales process involving multiple internal resources and external decision-makers. Leadership in this role is largely based on influence and subject matter expertise rather than formal leadership roles or reporting lines
Preferred Qualifications:
- Experience within a consulting firm/accounting firm environment
- 7+ years of account management, cyber and risk consulting account leadership, advisory sales, or strategic client relationship experience in professional services, consulting, risk advisory, cybersecurity, or technology risk environments.
- Strong organizational and project management skills; ability to orchestrate cross-functional internal teams across cyber, risk, compliance, privacy, IT audit, incident response, managed services, and industry advisory practices.
At RSM, we offer a competitive benefits and compensation package for all our people.We offer flexibility in your schedule, empowering you to balance life's demands, while also maintaining your ability to serve clients.Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.
All applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender; sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law.
Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership.RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call us at 800-274-3978 or send us an email at careers@rsmus.com.
RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college / university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.
RSM will consider for employment qualified applicants with arrest or conviction records. For those living in California or applying to a position in California, please click here for additional information.
At RSM, an employee's pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.
Compensation Range: $102,800 - $176,000