ZipRecruiter

Log In

1

It Risk Manager Jobs in Tennessee (NOW HIRING)

PNC Bank

$112K - $208K/yr

Plays a key role in Technology risk management of Strategic Initiatives delivering IT solutions to clients and internal stakeholders. This position may be eligible for remote work in select ...

AllianceBernstein

Risk Manager

Nashville, TN ยท On-site

Ability to explain complex information in an easily digestible manner * Highly analytical mind with ... new technologies into our business or providing thoughtful advice to our clients, we are fully ...

International Paper Company

IT Vendor Manager

Memphis, TN ยท On-site

$101K - $134K/yr

As an IT Vendor Manager, you will operate at the intersection of technology, finance, risk, and operations to ensure IP maximizes value from its strategic technology vendors. The most critical of ...

International Paper

IT Vendor Manager

Memphis, TN ยท On-site

$101K - $134K/yr

As an IT Vendor Manager, you will operate at the intersection of technology, finance, risk, and operations to ensure IP maximizes value from its strategic technology vendors. The most critical of ...

Covenant Health

SR RISK MANAGER

Knoxville, TN

Senior Risk Manager Full Time, 80 Hours Per Pay Period, Day Shift Covenant Health Overview ... Assists with release of records and information in response to subpoenas, court orders, attorney ...

Covenant Health

SR RISK MANAGER

Knoxville, TN ยท On-site

Assists with release of records and information in response to subpoenas, court orders, attorney ... Assumes risk management on-call responsibility for the system as a part of the call rotation.

next page

Showing results 1-20

All JobsIt Risk Manager JobsIt Risk Manager Jobs in Tennessee

It Risk Manager information

See Tennessee salary details

$46.7K

$101.3K

$154.3K

How much do it risk manager jobs pay per year?

As of Jun 19, 2026, the average yearly pay for it risk manager in Tennessee is $101,250.00, according to ZipRecruiter salary data. Most workers in this role earn between $81,700.00 and $117,100.00 per year, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

Do risk managers make good money?

Risk managers typically earn competitive salaries that vary based on experience, industry, and location. According to industry data, median annual pay ranges from $80,000 to over $130,000, with higher earnings possible for those with certifications like FRM or CRM and extensive experience. They often work in corporate environments, analyzing and mitigating financial, operational, or cybersecurity risks.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

Risk managers typically earn a median annual salary of around $100,000, with salaries ranging from approximately $70,000 to over $150,000 depending on experience, industry, and location. Professionals often hold certifications like CRM or FRM and work in finance, insurance, or corporate sectors.

Are risk managers in high demand?

Risk managers are in high demand across various industries due to increasing concerns about cybersecurity, compliance, and operational risks. Employers seek professionals with skills in risk assessment, mitigation strategies, and certifications like FRM or CRM, making it a growing field with strong job prospects.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.
What are popular job titles related to It Risk Manager jobs in Tennessee? For It Risk Manager jobs in Tennessee, the most frequently searched job titles are:
What job categories do people searching It Risk Manager jobs in Tennessee look for? The top searched job categories for It Risk Manager jobs in Tennessee are:
It Risk Manager jobs near you
Infographic showing various It Risk Manager job openings in Tennessee as of June 2026, with employment types broken down into 88% Full Time, 4% Part Time, and 8% Contract. Highlights an 92% Physical, 2% Hybrid, and 6% Remote job distribution, with an average salary of $101,250 per year, or $48.7 per hour.

Director of IT Governance, Risk and Compliance

orionfcu

Memphis, TN โ€ข On-site

Other

Posted 29 days ago

Job description

POSITION PURPOSE

The Director of IT Governance, Risk and Compliance provides strategic leadership and oversight of the organization's IT risk posture, governance frameworks, and regulatory compliance within a financial services environment. This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The director serves as a key liaison to regulators and internal audit, leads enterprise IT risk programs, and partners closely with information security, legal, compliance, and business units to proactively identify, assess, and mitigate risk across systems, vendors, and emerging technologies.

ESSENTIAL FUNCTIONS AND BASIC DUTIES

1. ย  ย Define And maintain the IT risk management framework, ensuring alignment with enterprise risk appetite and business strategy.
2. ย  ย Develop and execute a multi year IT risk maturity road map, including governance, controls, and reporting enhancements.
3. ย  ย Provide executive level and board reporting on IT risk posture, trends, and emerging threats.
4. ย  ย Establish and oversee IT governance structures, policies, standards, and procedures.
5. ย  ย Lead enterprise IT risk assessments, including infrastructure, applications, and security architecture reviews.
6. ย  ย Identify vulnerabilities, evaluate risk exposure, and ensure timely mitigation of identified issues.
7. ย  ย Oversee risk acceptance processes and provide escalation authority for material IT and security risks.
8. ย  ย Review and challenge risk decisions, ensuring consistency with organizational risk tolerance.
9. ย  ย Serve as primary point of contact for IT regulatory examinations and audits.
10. ย  ย Manage IT exam life cycle, including preparation, coordination, and response.
11. ย  ย Oversee tracking, reporting, and remediation of IT findings from regulators and internal/ external audits.
12. ย  ย Maintain comprehensive documentation of audits, findings, and corrective actions.
13. ย  ย Interpret and operationalize regulatory requirements related to IT systems, data protection, and information security to include SOX, data privacy laws, and financial regulations.
14. ย  ย Develop and implement strategies to ensure ongoing compliance with applicable laws and standards.
15. ย  ย Partner with legal and compliance teams to monitor regulatory changes and assess impact on IT controls.
16. ย  ย Provide oversight of IT risk associated with third party vendors, including material risk vendor reviews and escalations.
17. ย  ย Collaborate with vendor management teams to ensure adequate controls and risk mitigation strategies.
18. ย  ย Assess risks associated with new technologies, products, and services, ensuring appropriate governance and control implementation.
19. ย  ย Partner closely with information security to align on security controls, risk assessments, and remediation priorities.
20. ย  ย Work with business and technology stakeholders to embed risk management practices into day-to-day operations.
21. ย  ย Promote a strong risk-aware culture across the organization.

QUALIFICATIONS

EDUCATION/CERTIFICATION: Bachelorโ€™s degree in Information Technology, Cybersecurity, Risk Management, or a related field. Advanced degree preferred. Relevant certifications preferred (e.g., CISM, CRISC, CISSP, CISA)
REQUIRED KNOWLEDGE: Strong understanding of SOX, data privacy regulations, and technology compliance requirements.

EXPERIENCE REQUIRED: Ten or more (10+) years of progressive experience in IT risk management, IT audit, information security, or governance within financial services or a highly regulated industry.
Deep expertise in IT risk frameworks, such as NIST, COBIT, ISO 27001, and regulatory environments.
Proven experience managing regulatory exams and audit engagements.

SKILLS/ABILITIES:

Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership.
Demonstrated ability to lead complex risk programs and influence senior stakeholders, including executive leadership.
Very strong analytical & problem-solving skills

Apply