1

It Risk Manager Jobs in Texas (NOW HIRING)

The incumbent will execute and support day-to-day IT risk management activities (such as risk and controls assessments), manage deadlines and stakeholder expectations, and lead or participate in ...

Managing sales pursuits and the sales pipeline, helping the team in identifying, qualifying and ... risk assessments, technology due diligence assessments, technical IT internal audit assistance, and ...

Managing sales pursuits and the sales pipeline, helping the team in identifying, qualifying and ... risk assessments, technology due diligence assessments, technical IT internal audit assistance, and ...

next page

Showing results 1-20

It Risk Manager information

See Texas salary details

$48K

$103.9K

$158.4K

How much do it risk manager jobs pay per year?

As of Jul 4, 2026, the average yearly pay for it risk manager in Texas is $103,932.00, according to ZipRecruiter salary data. Most workers in this role earn between $83,800.00 and $120,200.00 per year, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What is the highest salary for a risk manager?

The highest salary for an IT Risk Manager can exceed $150,000 annually, especially for those with extensive experience, advanced certifications like CRISC or CISSP, and working in large organizations or financial institutions. Senior risk managers or those in managerial or executive roles may earn even higher compensation, including bonuses and benefits.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

Is risk a good career?

A career as an IT Risk Manager is considered stable and in demand, as organizations prioritize cybersecurity and risk mitigation. The role requires strong analytical skills, knowledge of security frameworks, and often certifications like CISSP or CRISC. It offers opportunities for advancement and specialization in a growing field.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

A risk manager's average salary varies by experience and location but typically ranges from $80,000 to $150,000 annually. Senior risk managers or those with specialized certifications like FRM or CRM can earn higher salaries, especially in large organizations or financial sectors.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.
What job categories do people searching It Risk Manager jobs in Texas look for? The top searched job categories for It Risk Manager jobs in Texas are:
What cities in Texas are hiring for It Risk Manager jobs? Cities in Texas with the most It Risk Manager job openings:
Infographic showing various It Risk Manager job openings in Texas as of June 2026, with employment types broken down into 82% Full Time, 14% Part Time, 2% Contract, and 2% Nights. Highlights an 95% Physical, 1% Hybrid, and 4% Remote job distribution, with an average salary of $103,932 per year, or $50 per hour.
Manager IT Cybersecurity Risk Management

Manager IT Cybersecurity Risk Management

Texas Health Resources

Arlington, TX • Remote

Full-time

Posted 10 days ago


Texas Health Resources rating

7.7

Company rating: 7.7 out of 10

Based on 338 frontline employees who took The Breakroom Quiz

160th of 877 rated healthcare providers


Job description

Manager IT Cybersecurity Risk Management
Are you looking for a rewarding career with top-notch benefits? We are looking for a qualified Manager like you to join our Texas Health family.

Position Highlights

  • Work location: Texas Health System Services
  • Core Work hours: Monday - Friday 8a-5p; Remote Opportunity with the ability to come on site at least 1x a month

 Position Summary

As a Manager within the IT Risk Management & Assurance Team, the individual will oversee day-to-day IT Risk Management program operations and supervise employees within the Risk Management service delivery area/s.  

Key Responsibilities 

Perform Governance, Risk Management and Compliance Controls, Processes and Technology
Provide leadership with IT GRC platform and road map. Ensure that product request pipeline is aligned with IT risk management strategy. Govern and lead the IT GRC development efforts.
Ensure IT GRC components fully support governance, risk and compliance processes.
Create and develop requirements for reports and dashboards within GRC system to support THR Information security and risk management support needs.
Directly partner with the Privacy, Entity Directors and Compliance to support audit functions, controls monitoring efforts and oversees risk processes.
Support Texas Health entity leadership and ITS executives through the process of prioritizing security initiatives based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the Texas Health strategic plan.
Develop and create requirements for monthly and quarterly risk management reports and ensure timely report delivery.
Lead supported IT Risk Management functional areas and process activities with THR risk stakeholders and delegate requirements and action items to risk management functional areas.
Lead in the program support and reporting within the Information Security Governance Council, THR PCI workgroup, Privacy and Security Council and other steering group committees. 
Ensure that all THR Information Security controls are document and mapped to policy and technical solutions along with control effectiveness.
Lead in delegating program function activities to support THR Information Security communication, training and awareness plans.
Assist in the development, coordination and integration of the Information Security road-map and strategy.
Provide leadership with the THR risk management processes and procedures and align with THR entity risks.
Provide leadership and ongoing management of the IT risk register along with risk treatment plans. Provide, document and update risk treatment plan accordingly.
Report and develop metrics, measures and scorecards for to measure the effectiveness of the Information Security Program and the supported program areas, including key performance indicators and key risk indicators.
Lead and delegate IT risk management activities in program support program areas that leverages the THR risk analysis lifecycle and risk stratification process.
Review and update IT risk scenario catalog to align with THR risk posture. Ensure program support team members are informed and use the risk scenario catalog.
Review and update the IT risk management controls catalog and ensure control effectives as it relates to stratification process and risk scenarios. 
Review and update IT risk management metrics and measures catalog and ensure alignment with key performance and key risk indicators.
Commission and authorized development activities, such as SharePoint, in support of the Information Security Program and alignment with IT GRC product road map.
Perform Audits, Incident Management, Investigations, Risk Assessments
Provides leadership and accountability in the support of the THR Information Security audit plan.
Govern and lead efforts with the tracking and resolution of security incidents, issues management and exception processes.
Support audit processes and supporting documents and ensure audits are processed on time and ensure program support team members are aware of audit tasks.
Develop accurate audit documentation that is used by supported program team members and delegate audit tasks lists.
Provide guidance and leadership on audits, incidents and assessments and ensure program team member execution.
Support and help develop incident management processes and ensure incidents are coordinated and documented correctly. Provide continuous feedback loop into risk identification and risk analysis.
Provide leadership from risk management perspective input into incident management policies and procedures.
Lead efforts with security incident management with THR and ITS staffs.
Ensure security incidents are reported and resolved in the appropriate time-frames. This includes governance to ensure due care is executed with security incident investigations.
Develop and lead system and entity risk assessments to system owners within the prescribed timelines.
Develop and coordinate and risk assessment with THR and ITS system owners. Provide governance on delegated risk assessment action items.
Review and develop risk assessment content and align potential gaps with risk stratification process.
Ensure training is provided by risk management team members to system owners on audits, security incidents and risk assessment practices, processes and procedures.
Develop and create reports to THR risk stakeholders for audits, security incidents and risk assessments. Present final reports and provide recommendation on remediation activities.
Provide governance on forensic investigations and reporting for security incidents. Provide input on security investigation requiring THR executives input or legal counsel communication.
Support and Perform Information Security Continuous Monitoring Processes and Technology
Lead and provide risk based decision support in the Information Security Review process. Ensure that all risk based decisions are documented in IT GRC.
Develop processes and procedures to ensure that critical Information Security controls are being monitored and align with risk catalog.
Develop processes and procedures to sustain and grow the IT risk management audit program and the continuous control monitoring efforts.
Monitor ongoing threats to the THR enterprise network and communicate threats to leadership, employees and system administrators as necessary.
Provide guidance on IT GRC issue management and escalate with THR risk stakeholders if necessary.
Effectively communicate identified security risks and solutions to leadership, business partners and IT staff.
As new systems are presented, research, design, operate and advocate new technologies, architectures, and security
products that will support security requirements for the health system and its customers, business partners and vendors.
Develop and deliver business impacts and exposure, based on emerging security threats, vulnerabilities and risks and develop reports to drive high risk vulnerability efforts.
Review and stratify vulnerability management reports that include the assessment, analysis and reporting and remediation of vulnerabilities. Provide governance to ensure monitoring and tracking of vulnerability remediation
Assess and report the impact of audit and risk findings and provide ITS owners with remediation and compensating control recommendations.
Support and Evaluate/Measure the Effectiveness of Information Security Policies, Standards and Procedures
Work and foster relationship with THR stakeholders (ITS and Non ITS) on the development of Information Security policies, standards and procedures.
Lead and develop procedures for the effective risk assessments and audit of information security policies.
Provide risk based decision support in the security exception process. Also help develop and integrate the procedures and processes for the submission and management of policy exceptions.
Develop Information Security training and awareness products, track and report on Information Security awareness training effectiveness.
Develop and communicate accurate Information Security reports and presentations.
Perform ITSM Process Management
Ensure risk management team follows change management, incident and problem management processes.
Ensure all IT GRC activities are compliant with ITSM request, incident and change processes.
Ensures all systems that fall within the scope of this position's duties are fully documented including risk management activities as it relates to change advisory board.
Prioritizes team members work appropriately, carrying out and delegate assignments with the appropriate level of direction and completing tasks.
Monitors team members work progress of project status, problems or obstacles and workload problems in a timely manner while mentoring/assisting others.
Ensures team members are providing timely and accurate status reports while providing mentoring/assisting with team members and others.
Develop complete and accurate structured system acceptance test plans.
Executes testing and documents the results working independently while mentoring/assisting others.
Develop and implement installation plans working independently while mentoring/assisting others.
Provide communication to THR service desk on new processes or changes needed to support the IT risk management team.
Monitor system performance statistics to ensure changes perform within standards.
Leadership, Training, and Skills Development
Coaches, mentors,and performs employee performance reviews.
Shares work experiences and expertise with others while mentoring/assisting others.
Lead, develop and mentor IT Risk Management professionals as well as contractors, vendors and services providers.
Strives to improve business knowledge working independently, while mentoring/assisting others.
Strives to improve technical knowledge with little or no supervision.
Demonstrates comprehensive knowledge of multiple systems/applications and their integration while mentoring/assisting others.
Demonstrates comprehensive knowledge of technical tools and techniques with little or no supervision.
Provides technical guidance and/or business knowledge and direction to project team members, working independently, while mentoring/assisting others.
Monitors industry trends for applicability working independently while mentoring/assisting others.
Participates in THR Educational opportunities working independently while mentoring/assisting others.

Education
Bachelor's Degree Computer Science, Information Technology, Business or related field / 4 Years Relevant experience in lieu of a degree Required
 And
Master's Degree Computer Science, Information Technology, Business or related field Preferred
Experience
5 Years Hands-on Information Security or relevant IT experience Required
Healthcare Experience is a Plus
Progressive Leadership Experience Strongly Preferred
Cybersecurity Risk Management Experience Preferred
Licenses and Certifications
CISSP - Certified Information Systems Security Professional CISSP, CISM, CISA, CRISC or CIPP Upon Hire Required
Skills
Ability to work closely with enterprise architects, other functional area architects and security specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.
Ability to support enterprise level Governance, Risk Management and Compliance activities.
Establish standards, driving designs and implementation of appropriate IT Risk management processes and controls which help improve operations and lower risk.
Support strategic and tactical security, risk mitigation and regulatory compliance guidance for all ITS projects, including the evaluation of enterprise policies, processes, operating procedures and governance controls.
Lead the development and implementation of prudent enterprise security standards, guidelines and procedures to protect the integrity, availability and privacy of all corporate information assets
Ability develop and implement policies, standards, processes and procedures that are aligned with common control
frameworks and regulatory standards such as COBIT, HIPAA/HITECH, HITRUST, NIST, ISO 27000 and PCI DSS.
Ability to develop and perform risk assessments and security review processes that are that are aligned with common control frameworks and regulatory standards such as COBIT, HIPAA/HITECH, HITRUST, NIST, ISO 27000 and PCI DSS.
Ability to develop metrics, measures and scorecards for to measure the effectiveness of the Enterprise Information Security - GRC Program.
Ability to operate GRC Technology Solutions.
Ability to support the operation and governance of Identity management / access control solutions, policies, process and technologies.
Ability to develop, integrate and conduct Security Awareness Training and Communications.
Ability to help project teams and IT owners comply with enterprise and IT security policies, industry regulations, and best practices.
Ability to contribute to the alignment of security governance with EA, IT governance, project and portfolio management and business governance activities.
Ability to research, design, operate and advocate new technologies, architectures, and security products that will support security requirements for the health system and its customers, business partners and vendors.
Ability to contribute to the development and maintenance of the information security strategy.
Ability to analyze business impact and exposure, based on emerging security threats, vulnerabilities and risks.
Ability to effectively communicate security risks and solutions to leadership, business partners and IT staff.
Why Texas Health? 

At Texas Health Resources, our mission is "to improve the health of the people in the communities we serve".

As part of the Texas Health family and its 28,000 employees, we're one of the largest employers in the Dallas Fort Worth area. Our career growth and professional development opportunities are top-notch and our benefits are equally outstanding. Come be a part of our exceptional team as we improve the health of the people in our communities every day. You belong here.

Learn more about our culture, benefits, and recent awards. 

#LI-TA1


What Texas Health Resources employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Texas Health Resources logo

About Texas Health Resources

Sourced by ZipRecruiter

Texas Health Resources is a major player in the healthcare industry, located in Arlington, TX, US. With its roots dating back to 1922, and an amalgamation of multiple area hospitals in 1982, the organization has since evolved into one of the largest faith-based, nonprofit health systems in the United States, taking care and improving the health of people in the communities it serves. Staying aligned with its aim to enhance public health, the company's core services encompass a wide range of medical treatments, general wellness programs, fitness, and rehabilitation, continually expanding its healthcare infrastructure, and establishing collaborations for advanced medical research.

Industry

Outpatient health care

Company size

10,000+ Employees

Headquarters location

Arlington, TX, US

Year founded

1997