1

It Risk Manager Jobs in Naperville, IL (NOW HIRING)

Senior Associate, IT Internal Audit

Chicago, IL ยท On-site

$87K - $108K/yr

Work with client senior management to design, and implement new IT risk and control frameworks, sustainable solutions (including, applying knowledge of governance, risk and security tools), operating ...

Senior IT SOX Manager Chicago, IL | Hybrid OR Remote if not in Chicago Our purpose is to transform ... Lead annual and quarterly IT risk assessments and SOX scoping to ensure appropriate systems ...

IT Audit Manager, Sr

Chicago, IL ยท On-site

$199K/yr

The IT Audit Manager, Sr works closely with IT/Risk management to understand products, organizational initiatives and systems, and provide quality audit services which meet department and ...

This role ensures assessment, design, and implementation of SAP GRC security and IT risk solutions. The IT Product Manager, SAP Security will work directly with Business leaders, IT Leaders and ...

next page

Showing results 1-20

It Risk Manager information

See Naperville, IL salary details

$51.4K

$111.4K

$169.7K

How much do it risk manager jobs pay per year?

As of Jul 19, 2026, the average yearly pay for it risk manager in Naperville, IL is $111,390.00, according to ZipRecruiter salary data. Most workers in this role earn between $89,900.00 and $128,800.00 per year, depending on experience, location, and employer.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What is the highest salary for a risk manager?

The highest salary for an IT Risk Manager can exceed $150,000 annually, especially for those with extensive experience, advanced certifications like CRISC or CISSP, and working in large organizations or financial institutions. Senior risk managers or those in managerial or executive roles may earn even higher compensation, including bonuses and benefits.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

Is risk a good career?

A career as an IT Risk Manager is considered stable and in demand, as organizations prioritize cybersecurity and risk mitigation. The role requires strong analytical skills, knowledge of security frameworks, and often certifications like CISSP or CRISC. It offers opportunities for advancement and specialization in a growing field.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

How much does a risk manager get paid?

A risk manager's average salary varies by experience and location but typically ranges from $80,000 to $150,000 annually. Senior risk managers or those with specialized certifications like FRM or CRM can earn higher salaries, especially in large organizations or financial sectors.

What is the role of IT risk manager?

An IT risk manager is responsible for identifying, assessing, and mitigating information technology risks within an organization. They develop security policies, implement controls, and ensure compliance with industry standards to protect digital assets and infrastructure. Strong knowledge of cybersecurity, risk management frameworks, and relevant certifications like CISSP or CISM are often required.
What are popular job titles related to It Risk Manager jobs in Naperville, IL? For It Risk Manager jobs in Naperville, IL, the most frequently searched job titles are:
What job categories do people searching It Risk Manager jobs in Naperville, IL look for? The top searched job categories for It Risk Manager jobs in Naperville, IL are:
What cities near Naperville, IL are hiring for It Risk Manager jobs? Cities near Naperville, IL with the most It Risk Manager job openings:
Infographic showing various It Risk Manager job openings in Naperville, IL as of July 2026, with employment types broken down into 1% As Needed, 73% Full Time, 20% Part Time, 4% Contract, and 2% Nights. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $111,390 per year, or $53.6 per hour.
Senior Associate, IT Internal Audit

Senior Associate, IT Internal Audit

KPMG

Chicago, IL โ€ข On-site

$87K - $108K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Re-posted 7 days ago


Job description

The KPMG Advisory practice is at the forefront of transformation, offering excellent opportunities for individuals to advance their careers and expertise with KPMG. Looking ahead, we anticipate continued evolution and success within the practice, fostering both personal and professional development, thereby creating new pathways for growth. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility, and leading market tools, we help our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.
KPMG is currently seeking a Senior Associate, IT Internal Audit to join our Audit and Assurance practice.
Responsibilities :
  • Design, coordinate, and oversee the day-to-day activities related to client engagements in one or more areas such as, Information Technology (IT) strategy and transformation programs, agile software development/DevOps, business continuity and disaster recovery, cybersecurity, cloud providers and other third parties; data management/governance, emerging technology such as AI, automation (robotics, cognitive, and more), and projects, General IT controls (GITCs) and application controls testing, and regulatory/compliance requirements such as Sarbanes Oxley (SOX), FedRAMP and Payment Card Industry (PCI)Review clients' IT traditional and agile processes as well as tools for security, resiliency and DevOps controls against leading practice, industry, or client frameworks; assess capability maturity, identify gaps in design and execution of the controls, as well as communicate issues and recommendations to senior management within Financial Services, Consumer and Retail, Industry Manufacturing, Energy, Technology industries
  • Work with client senior management to design, and implement new IT risk and control frameworks, sustainable solutions (including, applying knowledge of governance, risk and security tools), operating processes and people models to address key and evolving risks, as necessary
  • Complete comprehensive executive summary, final reports, and deliver to client senior management; document and review engagement workpapers in accordance with KPMG requirements as well as common industry practice for internal audit and risk consulting client engagements; Lead efforts in developing and contributing content to related KPMG knowledge bases and internal practice development initiatives, including but not limited to research, thought leadership, marketing collateral, and share forums/peer exchange materials

Qualifications:
  • Minimum two years of recent experience working within IT risk (first line or second line of defense), cybersecurity, internal audit or IT compliance function as an internal employee; similar role as part of a professional services firm
  • Bachelor's degree from an accredited college/university in an appropriate field; CISA, CISM, CISSP, CRISC or similar certifications preferred; master's degree from an accredited college/university preferred; one or more enterprise technology vendor certifications from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, GitHub, Artifactory, Atlassian, or GitLab preferred
  • Prior knowledge in IT risk consulting, IT process re-engineering, IT audit, and IT internal controls engagements, leveraging IT governance and control frameworks such as Control Objectives for Information and Related Technologies (COBIT), NIST Cybersecurity framework (CSF), NIST 800-53, IIA GTAG, Cloud Security Alliance, Capability Maturity Model Integration (CMMI), and Information Technology Infrastructure Library (ITIL) and proficiency in core requirements and methodologies for Sarbanes-Oxley (SOX) internal control programs
  • Experience with IT risk management operating models, three lines-of-defense frameworks, integrated risk management practices, and/or risk intelligence capabilities
  • Understanding of commonly used enterprise technology infrastructure, Continuous Integration and Continuous Delivery (CI-CD) pipelines and DevOps management products/solutions from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, Jenkins, GitHub, Artifactory, Atlassian, or GitLab preferred
  • Strong communication skills, technical knowledge, and the ability to write at a publication quality level in order to communicate findings and recommendations to the clients and senior management team
  • Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa); ability to travel as necessary

KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work .
Follow this link to obtain salary ranges by city outside of CA:
https://kpmg.com/us/en/how-we-work/pay-transparency.html/?id=M122ADV_4_26 California Salary Range: $95095 - $161000
KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.
KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them.
Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.