1

It Risk Manager Jobs in Kentucky (NOW HIRING)

IT Project Manager

Lexington, KY · On-site

$97K - $114K/yr

The IT Project Manager will be instrumental in implementing Agile practices, fostering a collaborative and productive environment, and ensuring the timely delivery of high-quality solutions. This is ...

IT Project Manager

Frankfort, KY · On-site

$85K - $101K/yr

The IT Project Manager will be instrumental in implementing Agile practices, fostering a collaborative and productive environment, and ensuring the timely delivery of high-quality solutions. This is ...

IT Project Manager

Louisville, KY · On-site

$94K - $111K/yr

The IT Project Manager will be instrumental in implementing Agile practices, fostering a collaborative and productive environment, and ensuring the timely delivery of high-quality solutions. This is ...

IT Project Manager

Bowling Green, KY · On-site

$96K - $114K/yr

The IT Project Manager will be instrumental in implementing Agile practices, fostering a collaborative and productive environment, and ensuring the timely delivery of high-quality solutions. This is ...

IT Project Manager

Covington, KY · On-site

$95K - $113K/yr

The IT Project Manager will be instrumental in implementing Agile practices, fostering a collaborative and productive environment, and ensuring the timely delivery of high-quality solutions. This is ...

IT Project Manager

Owensboro, KY · On-site

$97K - $115K/yr

The IT Project Manager will be instrumental in implementing Agile practices, fostering a collaborative and productive environment, and ensuring the timely delivery of high-quality solutions. This is ...

Manager, IT Project Management

Louisville, KY · On-site

$94K - $111K/yr

Become a part of our caring community The IT PMO Manager provides leadership for program and ... Risk, issue & dependency management at program and project levels Key Responsibilities PMO ...

Manager, IT Project Management

Louisville, KY · Hybrid

$94K - $111K/yr

Become a part of our caring community The IT PMO Manager provides leadership for program and ... Risk, issue & dependency management at program and project levels Key Responsibilities PMO ...

Manager, IT Project Management

Louisville, KY · Hybrid

$94K - $111K/yr

Become a part of our caring community The IT PMO Manager provides leadership for program and ... Risk, issue & dependency management at program and project levels Key Responsibilities PMO ...

Manager, IT Project Management

Louisville, KY · Hybrid

$94K - $111K/yr

Become a part of our caring community The IT PMO Manager provides leadership for program and ... Risk, issue & dependency management at program and project levels Key Responsibilities PMO ...

next page

Showing results 1-20

It Risk Manager information

See Kentucky salary details

$44.7K

$96.9K

$147.6K

How much do it risk manager jobs pay per year?

As of Jul 15, 2026, the average yearly pay for it risk manager in Kentucky is $96,889.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,200.00 and $112,000.00 per year, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What is the highest salary for a risk manager?

The highest salary for an IT Risk Manager can exceed $150,000 annually, especially for those with extensive experience, advanced certifications like CRISC or CISSP, and working in large organizations or financial institutions. Senior risk managers or those in managerial or executive roles may earn even higher compensation, including bonuses and benefits.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

Is risk a good career?

A career as an IT Risk Manager is considered stable and in demand, as organizations prioritize cybersecurity and risk mitigation. The role requires strong analytical skills, knowledge of security frameworks, and often certifications like CISSP or CRISC. It offers opportunities for advancement and specialization in a growing field.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

A risk manager's average salary varies by experience and location but typically ranges from $80,000 to $150,000 annually. Senior risk managers or those with specialized certifications like FRM or CRM can earn higher salaries, especially in large organizations or financial sectors.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.
What are popular job titles related to It Risk Manager jobs in Kentucky? For It Risk Manager jobs in Kentucky, the most frequently searched job titles are:
What job categories do people searching It Risk Manager jobs in Kentucky look for? The top searched job categories for It Risk Manager jobs in Kentucky are:
Infographic showing various It Risk Manager job openings in Kentucky as of July 2026, with employment types broken down into 1% As Needed, 75% Full Time, 20% Part Time, and 4% Contract. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $96,889 per year, or $46.6 per hour.
Director IT Information Security

Director IT Information Security

Texas Roadhouse

Louisville, KY • On-site

Full-time

Posted 6 days ago


Texas Roadhouse rating

5.8

Company rating: 5.8 out of 10

Based on 1,086 frontline employees who took The Breakroom Quiz

51st of 86 rated restaurants


Job description

Position Overview

The Director, Information Security is responsible for leading and maturing the organization's information security program across security architecture, engineering, governance, risk, compliance, and security operations. This role partners closely with the Chief Information Officer, IT leadership, business leaders, Legal, Compliance, Internal Audit, and external partners to protect company systems, data, technology platforms, restaurants, Support Center operations, and end users. The Director provides strategic direction and hands-on leadership for enterprise security architecture, threat detection, incident response, vulnerability management, third-party risk, policy and control governance, security tooling, and security awareness. The ideal candidate brings a strong background in security architecture, engineering, GRC, and/or security operations, with the ability to translate complex technical risk into clear business impact and practical recommendations.

Responsibilities

Develop, lead, and mature the enterprise information security strategy, roadmap, governance model, operating practices, and program priorities.

Serve as a trusted advisor to technology and business leadership on cybersecurity risk, security investments, emerging threats, operational readiness, and risk-based decision making.

Establish and maintain security architecture standards for infrastructure, cloud, applications, identity and access management, endpoints, networks, data protection, logging, and monitoring.

Partner with enterprise architecture, infrastructure, application, engineering, and business teams to embed security into technology decisions, system designs, integrations, and implementation plans.

Review new systems, platforms, integrations, and vendor solutions to ensure appropriate security controls are designed, documented, implemented, and monitored.

Lead the cybersecurity governance, risk, and compliance program, including policies, standards, procedures, control frameworks, risk assessments, remediation tracking, and executive reporting.

Partner with Legal, Compliance, Internal Audit, Finance, Operations, restaurants, and business leaders to support applicable regulatory, contractual, audit, and operational requirements, including SOX, PCI, HIPAA, or other applicable standards.

Oversee the Security Operations Center (SOC) and security monitoring, detection, triage, escalation, and response activities, including coordination with managed security service providers or external partners, as applicable.

Lead the enterprise incident response program, including containment, eradication, recovery, communication, post-incident review, and continuous improvement of response processes.

Manage and mature threat detection, threat intelligence, proactive threat hunting, vulnerability management, prioritization, remediation tracking, and risk reporting.

Oversee and optimize security technologies and processes, including SIEM/XDR, EDR, firewall monitoring, network security operations, log collection, correlation, alerting, detection engineering, and SOAR capabilities.

Develop, maintain, and regularly test incident response playbooks, runbooks, escalation procedures, tabletop exercises, breach simulations, and security drills.

Partner with IT and business leaders on disaster recovery, business continuity, cyber resilience, and crisis communication planning.

Establish, monitor, and report security metrics and key performance indicators, such as vulnerability remediation progress, security control effectiveness, mean time to detect, mean time to respond, and program roadmap progress.

Oversee third-party/vendor security risk assessments, vendor security expectations, ongoing monitoring, and vendor/contract relationships related to security operations or security services.

Manage operational budgets, tooling costs, vendor relationships, and resource planning for security programs and security operations, as assigned.

Develop and lead cybersecurity awareness and training efforts to promote shared accountability for protecting company information, systems, restaurants, Roadies, and guests.

Prepare and deliver clear written and in-person communications regarding cybersecurity posture, operational readiness, key risks, incidents, and program progress to IT leadership, senior leadership, audit-related forums, restaurants, and end users, as appropriate.

Lead, coach, hire, and develop Security Operations Roadies, Security Analysts, Security Engineers, information security team members, vendors, consultants, or cross-functional project teams, as assigned.

Stay current on cybersecurity trends, emerging threats, technology changes, and regulatory developments, and recommend actions to reduce risk and strengthen resilience.

Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.

Qualifications

Education and Experience

Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, Information Technology, or a related field required; Master's degree or MBA preferred.

10+ years of progressive experience in information technology, cybersecurity, information security, security operations, security engineering, enterprise architecture, IT risk, or related technology leadership required.

Majority of experience should include information security, security operations/SOC, security architecture, engineering, GRC, incident response, vulnerability management, or related cybersecurity responsibilities.

5+ years of people leadership experience required, including managing teams, programs, vendors, budgets, or cross-functional security initiatives.

Demonstrated experience building, leading, or maturing an enterprise information security program and/or security operations capability.

Technical and Functional Expertise

Strong background in one or more of the following areas: security architecture, security engineering, enterprise architecture, governance/risk/compliance, security operations, SOC leadership, cloud security, infrastructure security, identity and access management, threat detection, vulnerability management, or incident response.

Experience leading incident response and security monitoring operations, including detection, triage, escalation, containment, eradication, recovery, and post-incident reviews.

Knowledge of cybersecurity frameworks, standards, and control environments such as NIST, CIS Controls, ISO 27001, SOC 2, PCI DSS, COBIT, ITIL, SOX, HIPAA, or similar frameworks and requirements.

Experience with security technologies and operating processes such as SIEM/XDR, EDR, firewalls, network security monitoring, vulnerability scanning, log management, threat intelligence, detection engineering, and SOAR preferred.

Experience leading risk assessments, control reviews, audit support, remediation plans, vendor security reviews, incident response planning, and executive risk reporting.

Experience with cloud platforms such as Microsoft Azure, AWS, or Google Cloud preferred.

Experience in a multi-location, hospitality, restaurant, retail, consumer services, or high-growth environment preferred.

Certifications

Professional certification such as CISSP, CISM, CISA, CRISC, CCSP, GIAC, GCIH, GCIA, CEH, or similar certification required or preferred based on business needs.

Leadership Competencies

Strong business acumen with the ability to balance security priorities, operational needs, risk tolerance, and business objectives.

Ability to translate complex technical risk into clear, practical, business-focused recommendations for technical and non-technical audiences.

Strong collaboration, communication, influence, judgment, confidentiality, and executive presence.

Ability to lead through change, prioritize competing needs, make sound decisions, and remain calm and effective during incidents or high-pressure situations.

Demonstrated commitment to developing people, building strong partnerships, driving accountability, and leading with integrity.

This job description includes essential functions and basic duties and is intended to provide guidelines for job expectations and the employee's ability to perform the position described. It is not an exhaustive list of all functions, responsibilities, skills, and abilities. Additional functions and requirements may be assigned by supervisors as appropriate. This document is not a contract of employment, and the Company reserves the right to change this job description and/or assign tasks for the employee to perform, as the Company may deem appropriate.

We are proud to be an equal opportunity employer. We are committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, gender, pregnancy, gender identity, disability, veteran status, sexual orientation, citizenship, national origin, or any other legally-protected status. We encourage and welcome all applicants to apply.

Employment Type: FULL_TIME

What Texas Roadhouse employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom