1

It Risk Manager Jobs in Oregon (NOW HIRING)

... technology and information security risk, treasury risk, and compliance risk. The Risk team partners closely with business leaders, executive management, and the Board to ensure material risks are ...

Cyber and Tech Risk UW SR

Portland, OR · On-site +1

$103K - $122K/yr

... and technology risk. We combine underwriting expertise, cyber risk intelligence, and advanced ... Our cyber offerings are supported by proactive risk management services and data driven insights ...

Bachelor's degree in Computer Science, Information Technology, Risk Management, or a related technical field. * 5+ years of combined experience in information security, cybersecurity, or technical ...

Senior IT Auditor

Hillsboro, OR · On-site +1

$102K - $134K/yr

Represent Internal Audit on various project, risk, and management committees. * Present the results ... Compliance, Legal, Banking Regulatory, Information Technology, Information Security, Data Analytics ...

IT Manager

Beaverton, OR · On-site

$103K - $118K/yr

CTA Pathology is looking for a talented IT Manager. This role will involve taking ownership of the department and ensuring the smooth functioning of various IT and network systems. Responsibilities

Drive decision-making, risk management, and ensure delivery within scope, timeline, and budget Required Skills * 10+ years of experience in IT Infrastructure Project Management * Strong experience in ...

Director of IT Exciting opportunity to join our 98+ year-old, family-owned, and growing ... risk management efforts. • Leading and developing a technology team focused on accountability ...

IT Project Manager

$98K - $116K/yr

Developing and maintaining project plans, schedules, budgets, risk logs, and status reporting ... managing IT projects or programs of similar scope and complexity. * Proven ability to manage ...

next page

Showing results 1-20

It Risk Manager information

See Oregon salary details

$54.5K

$117.9K

$179.7K

How much do it risk manager jobs pay per year?

As of Jul 11, 2026, the average yearly pay for it risk manager in Oregon is $117,947.00, according to ZipRecruiter salary data. Most workers in this role earn between $95,200.00 and $136,400.00 per year, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What is the highest salary for a risk manager?

The highest salary for an IT Risk Manager can exceed $150,000 annually, especially for those with extensive experience, advanced certifications like CRISC or CISSP, and working in large organizations or financial institutions. Senior risk managers or those in managerial or executive roles may earn even higher compensation, including bonuses and benefits.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

Is risk a good career?

A career as an IT Risk Manager is considered stable and in demand, as organizations prioritize cybersecurity and risk mitigation. The role requires strong analytical skills, knowledge of security frameworks, and often certifications like CISSP or CRISC. It offers opportunities for advancement and specialization in a growing field.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

A risk manager's average salary varies by experience and location but typically ranges from $80,000 to $150,000 annually. Senior risk managers or those with specialized certifications like FRM or CRM can earn higher salaries, especially in large organizations or financial sectors.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.
What are popular job titles related to It Risk Manager jobs in Oregon? For It Risk Manager jobs in Oregon, the most frequently searched job titles are:
What cities in Oregon are hiring for It Risk Manager jobs? Cities in Oregon with the most It Risk Manager job openings:
Infographic showing various It Risk Manager job openings in Oregon as of July 2026, with employment types broken down into 1% As Needed, 78% Full Time, 17% Part Time, 3% Contract, and 1% Nights. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $117,947 per year, or $56.7 per hour.
Manager, Third Party Risk Management

Manager, Third Party Risk Management

Upstart

OR • On-site, Remote

Other

Posted 15 days ago


Job description

The Team: 

Upstart's Risk team is building its second line of defense function in support of its application to establish Upstart Bank, N.A., a de novo national bank. The team is responsible for Upstart's enterprise risk management program and risk governance, providing independent oversight and credible challenge across key risk categories including operational risk, third-party risk, technology and information security risk, treasury risk, and compliance risk. The Risk team partners closely with business leaders, executive management, and the Board to ensure material risks are effectively identified, assessed, monitored, and governed in alignment with OCC, FDIC, and interagency regulatory expectations.

As the Manager, Third Party Risk Management at Upstart, you will lead the day-to-day execution of the bank's third-party risk management program and oversee a team responsible for risk assessments, due diligence, ongoing monitoring, and vendor oversight activities. You will play a key role in ensuring the program remains scalable, exam-ready, and aligned with evolving regulatory expectations while supporting the growth of Upstart Bank.

How you'll make an impact

  • Lead execution of the bank's end-to-end third-party risk management program, including risk-tiered due diligence, onboarding risk assessments, ongoing monitoring, and offboarding activities across all vendor tiers.
  • Manage and develop the Third-Party Risk Management team by setting priorities, providing coaching, and ensuring consistent, high-quality risk assessments and oversight activities.
  • Serve as the primary second-line escalation point for elevated or complex third-party risk matters, providing risk-based recommendations and ensuring issues are appropriately documented, tracked, and resolved.
  • Maintain and enhance third-party risk management frameworks, risk tiering methodologies, assessment templates, and governance processes to support a scalable, risk-based program.
  • Partner with Legal, Compliance, Information Security, Affiliate Risk, and business stakeholders to ensure consistent application of third-party risk standards throughout the vendor lifecycle.
  • Lead regulatory examination readiness and support responses to OCC, FDIC, internal audit, and external audit inquiries related to third-party risk management.

Minimum Qualifications 

  • Bachelor's degree or equivalent practical experience.
  • 6+ years of experience in third-party risk management, compliance, audit, operational risk, or a related risk discipline within a banking or financial services environment.
  • Experience leading a third-party risk management program, including risk assessments, due diligence reviews, ongoing monitoring, and issue management across a multi-vendor portfolio.
  • Knowledge of OCC, FDIC, and interagency guidance related to third-party relationships and risk management, including the 2023 Interagency Guidance on Third-Party Relationships: Risk Management.
  • Experience assessing and managing risks associated with multiple third-party relationship types, including suppliers, lending partners, affiliates, and technology service providers.

Preferred Qualifications

  • Direct experience supporting OCC or FDIC regulatory examinations related to third-party risk management.
  • Experience leading or developing risk, compliance, audit, or third-party risk professionals.
  • Knowledge of affiliate risk oversight requirements, including Regulation W and related regulatory expectations.
  • Experience operating within a fintech, digital banking, or technology-intensive environment, including oversight of cloud, SaaS, and other technology service providers.
  • Experience using governance, risk, and compliance (GRC) platforms to support third-party risk assessments, issue management, workflow automation, and ongoing monitoring activities.

Position location This role is available in the following locations: Remote 

Time zone requirements The team operates on the East/West coast time zones. 

Travel requirements As a digital first company, the majority of your work can be accomplished remotely. The majority of our employees can live and work anywhere in the U.S but are encouraged to to still spend high quality time in-person collaborating via regular onsites. The in-person sessions' cadence varies depending on the team and role; most teams meet once or twice per quarter for 2-4 consecutive days at a time.

#LI-REMOTE

#LI-MidSenior --> use for L5, L6