ZipRecruiter

Log In

1

It Risk Manager Jobs in Washington (NOW HIRING)

Freddie Mac

Technology Operations Risk Senior

Mclean, VA ยท On-site

... manage technology and operational risks. This role operates with a high degree of autonomy and ... Typically 5 - 7 years of experience in technology risk, operational risk, IT operations, audit ...

IMR Soft Llc

Risk Manager

Mclean, VA ยท On-site

$55 - $60/hr

Bachelor's degree in Information Technology or Risk Management (or equivalent professional qualification), Master's Degree desirable

INSPYR Solutions

Technical Risk Analyst

Vienna, VA ยท On-site

The ideal candidate will have experience working with IT security controls, risk management practices, compliance frameworks, or audit activities and possess strong analytical and documentation ...

next page

Showing results 1-20

All JobsIt Risk Manager JobsIt Risk Manager Jobs in Washington

It Risk Manager information

See Washington salary details

$58.3K

$126.3K

$192.5K

How much do it risk manager jobs pay per year?

As of Jun 28, 2026, the average yearly pay for it risk manager in Washington is $126,348.00, according to ZipRecruiter salary data. Most workers in this role earn between $101,900.00 and $146,100.00 per year, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

Do risk managers make good money?

Risk managers typically earn competitive salaries that vary based on experience, industry, and location. According to industry data, median annual pay ranges from $80,000 to over $130,000, with higher earnings possible for those with certifications like FRM or CRM and extensive experience. They often work in corporate environments, analyzing and mitigating financial, operational, or cybersecurity risks.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

Risk managers typically earn a median annual salary of around $100,000, with salaries ranging from approximately $70,000 to over $150,000 depending on experience, industry, and location. Professionals often hold certifications like CRM or FRM and work in finance, insurance, or corporate sectors.

Are risk managers in high demand?

Risk managers are in high demand across various industries due to increasing concerns about cybersecurity, compliance, and operational risks. Employers seek professionals with skills in risk assessment, mitigation strategies, and certifications like FRM or CRM, making it a growing field with strong job prospects.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.
What are popular job titles related to It Risk Manager jobs in Washington? For It Risk Manager jobs in Washington, the most frequently searched job titles are:
What job categories do people searching It Risk Manager jobs in Washington look for? The top searched job categories for It Risk Manager jobs in Washington are:
What cities in Washington are hiring for It Risk Manager jobs? Cities in Washington with the most It Risk Manager job openings:
It Risk Manager jobs near you
Infographic showing various It Risk Manager job openings in Washington as of June 2026, with employment types broken down into 83% Full Time, 12% Part Time, and 5% Contract. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $126,348 per year, or $60.7 per hour.
SOX & Internal Controls Compliance IT Manager, CoStar Group - Arlington, VA

SOX & Internal Controls Compliance IT Manager, CoStar Group - Arlington, VA

CoStar Group

Arlington, VA โ€ข On-site

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 28 days ago

Job description

SOX & Internal Controls Compliance IT Manager, CoStar Group - Arlington, VA
Job Description
Who is CoStar Group?
CoStar Group (NASDAQ: CSGP) is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the world's real estate, empowering all people to discover properties, insights and connections that improve their businesses and lives.
We have been living and breathing the world of real estate information and online marketplaces for over 35 years, giving us the perspective to create truly unique and valuable offerings to our customers. We've continually refined, transformed, and perfected our approach to our business, creating a language that has become standard in our industry, for our customers, and even our competitors. We continue that effort today and are always working to improve and drive innovation. This is how we deliver for our customers, our employees, and investors. By equipping the brightest minds with the best resources available, we provide an invaluable edge in real estate.
Role Overview: SOX & Internal Controls Compliance IT Manager
Arlington, VA | In office, Monday-Friday
Responsibilities
  • Support Sarbanes-Oxley ("SOX") compliance, internal controls, and enterprise risk management ("ERM") assessments.

  • Assist with implementing the SOX compliance programs, including, but not limited to the following activities:

  • Conducting risk assessments and system scoping

  • Conducting walkthroughs and documenting end-to-end technology processes, identifying risks and key controls, using narratives

  • Documenting and assessing the design and effectiveness of key IT general controls ("ITGC") and IT application controls ("ITAC")

  • Executing testing to validate the operating effectiveness of controls

  • Evaluating controls deficiencies to determine impact and significance

  • Identifying and implementing effective and efficient plans to remediate control deficiencies

  • Summarizing and documenting results of work performed including management reporting

  • Execute internal controls and IT risk management activities to support our risk management initiatives.

  • Ensure robust IT General Controls over:

  • Logical access management

  • Role-based security and segregation of duties

  • Change management

  • System interfaces and data integrity

  • Configuration controls

  • Oversee periodic user access reviews and segregation of duties analyses.

  • Coordinate with IT and Information Security to align financial systems governance with enterprise cybersecurity standards.

  • Assess technology risks and internal control solutions associated with ERP, SaaS, IT infrastructure and cloud platforms.

  • Create and deliver presentations on technical concepts, project work plans, delivery approach, milestones, and results to key stakeholders.

  • Deliver efficient and effective approaches to implement and assess risks relating to information security and change management.

  • Implement data analytics to enhance approaches to internal control assessments.

  • Work effectively across different groups within the company (technology, accounting, finance, operations.

Basic Qualifications
  • Bachelor's degree required in Information Systems, Accounting, Finance, or related field from an accredited, not-for-profit, in-person college/university.

  • A track record of commitment to prior employers.

  • 7-8+ years of professional services experience with applicable IT risk management and internal controls experience.

  • One or more of the following risk related certifications is preferred: CPA, CIA, CISA, or CISSP.

  • Track record of technical expertise with SOX, IT risk management and internal controls assessments.

  • Deep knowledge of SOX compliance and PCAOB requirements:

  • SOX 404 and COSO framework

  • IT General Controls (ITGCs)

  • Segregation of duties architecture

  • ERP and financial systems governance

  • Experience implementing and assessing controls over highly automated business processes.

  • Knowledge of emerging technology risks, including cloud computing, agile development, cybersecurity, and privacy.

  • Knowledge of best practices for authentication, authorization and change management.

  • Ability to manage and prioritize assignments while meeting deadlines and maintaining attention to detail.

  • Excellent analytical, problem-solving, and critical thinking skills to assess complex IT risks and identify appropriate control enhancements.

  • Exceptional verbal and written communication skills, with the ability to effectively communicate technical concepts to non-technical stakeholders.

  • Experience in a publicly traded company ($1B+ revenue) or Big 4 experience required.

Preferred Qualifications
  • 7-8+ years of experience in IT auditing, or IT compliance or IT risk management, preferably within a large organization or a public accounting firm.

  • Knowledge and application of IT controls and governance frameworks such as SOC 1/2, COBIT, NIST (CSF, 800-53, and 800-171), ITIL, ISO 27001/2, and best practices.

  • Experience on ERP applications such as Oracle Cloud.

  • Proven experience in executing technology audits, including evaluating IT general controls, application controls, and data integrity.

  • Global, multi-entity experience preferred.

What's in it for you?
If you are a driven professional looking for a high-growth, high-reward career, CoStar Group offers the ideal opportunity. Be part of a best-in-class company with strong year-over-year growth that invests in your success. Enjoy a rewarding atmosphere where you can learn, excel, and grow.
When you join CoStar Group, you'll experience a collaborative and innovative culture working alongside the best and brightest to empower our people and customers to succeed.
We offer you generous compensation and performance-based incentives. CoStar Group also invests in your professional and academic growth with internal training and tuition reimbursement.
Our benefits package includes (but is not limited to):
  • Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug

  • Life, legal, and supplementary insurance

  • Virtual and in person mental health counseling services for individuals and family

  • Commuter and parking benefits

  • 401(K) retirement plan with matching contributions

  • Employee stock purchase plan

  • Paid time off

  • Tuition reimbursement

  • On-site fitness center and/or reimbursed fitness center membership costs (location dependent)

  • Access to CoStar Group's Diversity, Equity, & Inclusion Employee Resource Groups

  • Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and other healthy snacks

Sponsorship
We welcome all qualified candidates who are currently eligible to work full-time in the United States to apply. However, please note that CoStar Group is not able to provide visa sponsorship for this position.
#LI-KC3
CoStar Group is an Equal Employment Opportunity Employer; we maintain a drug-free workplace and perform pre-employment substance abuse testing

Apply