1

It Risk Manager Jobs in Massachusetts (NOW HIRING)

Senior IT Internal Auditor

Boston, MA ยท Hybrid

$102K - $134K/yr

Cybersecurity and risk management: Assess cybersecurity control areas such as identity and access ... Work cross-functionally with Internal Audit, IT, Finance, Cybersecurity, project teams, and ...

This role will strengthen the company's control environment, reduce compliance and operational risk ... IT risk and compliance operating model. * Manage internal corrective actions assigned to IT ...

The IT Internal Auditor supports the execution of the Company's Internal Audit plan, with ... governance and risk management practices, and helps enhance the overall control environment.

New

$130K - $175K/yr

This role will strengthen the company's control environment, reduce compliance and operational risk ... IT risk and compliance operating model.Manage internal corrective actions assigned to IT ...

Senior IT Audit Manager

Waltham, MA ยท On-site

$130K - $175K/yr

This role will strengthen the company's control environment, reduce compliance and operational risk ... IT risk and compliance operating model. * Manage internal corrective actions assigned to IT ...

Role: IT Audit Lead Location: Remote (EST Hours) Term: 5+ Mo. Position Overview The IT Audit Lead ... risk assessments, control design, testing, issue management, and remediation. * Experience ...

New

Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Continuity, or a related field (or equivalent experience) * 2-5 years of experience in cybersecurity, business ...

Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business Continuity, or a related field (or equivalent experience) * 2-5 years of experience in cybersecurity, business ...

Senior Principal, Internal Audit, IT

Bedford, MA ยท On-site

$88K - $110K/yr

Deep knowledge of technology risk management, IT general controls, cybersecurity, cloud ... environments, ERP platforms, data governance, and emerging technology risks. * Experience ...

next page

Showing results 1-20

It Risk Manager information

See Massachusetts salary details

$56.2K

$121.8K

$185.7K

How much do it risk manager jobs pay per year?

As of Jul 18, 2026, the average yearly pay for it risk manager in Massachusetts is $121,833.00, according to ZipRecruiter salary data. Most workers in this role earn between $98,300.00 and $140,900.00 per year, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What is the highest salary for a risk manager?

The highest salary for an IT Risk Manager can exceed $150,000 annually, especially for those with extensive experience, advanced certifications like CRISC or CISSP, and working in large organizations or financial institutions. Senior risk managers or those in managerial or executive roles may earn even higher compensation, including bonuses and benefits.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

Is risk a good career?

A career as an IT Risk Manager is considered stable and in demand, as organizations prioritize cybersecurity and risk mitigation. The role requires strong analytical skills, knowledge of security frameworks, and often certifications like CISSP or CRISC. It offers opportunities for advancement and specialization in a growing field.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

A risk manager's average salary varies by experience and location but typically ranges from $80,000 to $150,000 annually. Senior risk managers or those with specialized certifications like FRM or CRM can earn higher salaries, especially in large organizations or financial sectors.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.
What are popular job titles related to It Risk Manager jobs in Massachusetts? For It Risk Manager jobs in Massachusetts, the most frequently searched job titles are:
What job categories do people searching It Risk Manager jobs in Massachusetts look for? The top searched job categories for It Risk Manager jobs in Massachusetts are:
What cities in Massachusetts are hiring for It Risk Manager jobs? Cities in Massachusetts with the most It Risk Manager job openings:

Senior IT Internal Auditor

Origin Staffing

Boston, MA โ€ข Hybrid

$102K - $134K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 29 days ago


Job description

A global, publicly traded technology and advanced manufacturing company is seeking aSenior IT Internal Auditorto join its Internal Audit team. This is a highly visible role supporting enterprise-wide technology, cybersecurity, ERP transformation, SOX, and risk management initiatives across a complex global organization.

This position is ideal for someone coming from IT audit, technology risk, risk advisory, or internal audit who enjoys working at the intersection of systems, controls, cybersecurity, and business process improvement. The company is currently undergoing major technology transformation, including a large-scale cloud ERP implementation, creating a unique opportunity to audit high-impact projects in real time and help strengthen the future-state control environment.

The role offers exposure to senior leaders across Internal Audit, IT, Finance, Cybersecurity, and enterprise transformation teams. While the formal title is Senior IT Internal Auditor, the scope is closer to a strong Senior Associate/light Manager level, with meaningful ownership and visibility.

Company Overview & Benefits

The company offers a strong compensation and benefits package, including:

  • Competitive base salary
  • Annual performance bonus/profit sharing
  • Comprehensive medical, dental, and vision benefits
  • 401(k) match
  • Employee stock purchase plan
  • Tuition reimbursement and professional development support
  • Strong PTO and holiday package
  • Flexible hybrid work model with practical common-sense flexibility
  • Collaborative culture with global scale, strong leadership, and interesting transformation work

Responsibilities

  • IT audit and controls:Plan and execute IT audits across enterprise applications, infrastructure, IT general controls, application controls, cybersecurity, and technology risk areas.
  • ERP implementation audit:Support audits of a major cloud ERP implementation, including project governance, system configuration, data migration, access/security, control design, and implementation readiness.
  • SOX and compliance:Evaluate ITGCs, application controls, and technology-related controls supporting SOX 404 and broader compliance requirements.
  • Cybersecurity and risk management:Assess cybersecurity control areas such as identity and access management, network security, endpoint protection, incident response, data protection, and related risk management processes.
  • AI and emerging technology risk:Support audit procedures around AI-enabled systems and technology-enabled business processes, including governance, monitoring, oversight, data privacy, security, and control effectiveness.
  • Stakeholder partnership:Work cross-functionally with Internal Audit, IT, Finance, Cybersecurity, project teams, and business process owners to evaluate risks and provide practical recommendations.
  • Audit documentation and reporting:Document audit findings, develop clear recommendations, and communicate results to management and key stakeholders.
  • Process improvement:Identify opportunities to strengthen controls, improve efficiency, enhance governance, and support scalable processes across the companys technology environment.

Qualifications

  • Rlevant experience of IT audit, technology risk, internal audit, IT controls
  • Experience with ERP implementation audits or major system transformation projects strongly preferred
  • Oracle Fusion or similar cloud ERP exposure is a major plus
  • Strong understanding of SOX 404, ITGCs, application controls, project risk, and IT control frameworks
  • Cybersecurity audit experience, including areas such as IAM, network security, SIEM tools, firewall configurations, endpoint protection, or incident response
  • CISA, CIA, CPA, CISSP, or related certifications are a plus