ZipRecruiter

Log In

1

It Risk Jobs in Tennessee (NOW HIRING)

Ardent Health

IT Auditor

Brentwood, TN · On-site

The Auditor IT will be responsible for being a key player in audit engagements, including assisting with the design of audit approach to address risk, owning testing areas for review, and ...

Ardent Health

IT Auditor

Brentwood, TN · On-site

The Auditor IT will be responsible for being a key player in audit engagements, including assisting with the design of audit approach to address risk, owning testing areas for review, and ...

TNBR Careers

Director - IT Security

Memphis, TN · On-site

Title: Director - IT Security Employee Classification: Other Professionals Institution: Southwest ... The Director will guide security-related decisions, proactively manage risk, and promote a culture ...

International Paper Company

IT Vendor Manager

Memphis, TN · On-site

$101K - $134K/yr

As an IT Vendor Manager, you will operate at the intersection of technology, finance, risk, and operations to ensure IP maximizes value from its strategic technology vendors. The most critical of ...

International Paper

IT Vendor Manager

Memphis, TN

$101K - $134K/yr

As an IT Vendor Manager, you will operate at the intersection of technology, finance, risk, and operations to ensure IP maximizes value from its strategic technology vendors. The most critical of ...

Armaninollp

Senior Consultant, IT SOX IA

Nashville, TN · On-site

$90.80K - $119.30K/yr

Professional certification such as CISA, CIA, CPA, or other relevant audit / IT risk certification (active or in progress) * Experience working in SAP environments, including exposure to SAPrelated ...

next page

Showing results 1-20

People also search for

All JobsIt Risk JobsIt Risk Jobs in Tennessee

It Risk information

See Tennessee salary details

$13

$27

$67

How much do it risk jobs pay per hour?

As of May 29, 2026, the average hourly pay for it risk in Tennessee is $27.53, according to ZipRecruiter salary data. Most workers in this role earn between $17.69 and $35.14 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an IT Risk professional, and why are they important?

To thrive as an IT Risk professional, you need a strong understanding of information security principles, risk management frameworks, and relevant regulations, typically supported by a degree in information technology or cybersecurity. Familiarity with risk assessment tools, GRC (Governance, Risk, and Compliance) systems, and certifications such as CISM or CISSP is highly valued. Analytical thinking, attention to detail, and effective communication are vital soft skills for identifying vulnerabilities and collaborating with stakeholders. These competencies are crucial for proactively managing threats and ensuring the organization's information assets remain secure and compliant.

What are some common challenges faced by IT Risk professionals when working with cross-functional teams?

IT Risk professionals often collaborate with various departments such as IT, compliance, finance, and operations. A common challenge is effectively communicating technical risks in terms that non-technical stakeholders can understand, ensuring alignment on priorities and mitigation strategies. Navigating differing risk tolerances and balancing business needs with security requirements can also present difficulties. Building strong relationships and fostering ongoing dialogue are key to overcoming these challenges and ensuring successful risk management across the organization.

What is IT risk?

IT risk refers to the potential for losses or negative impacts to an organization resulting from the use of information technology. This includes threats such as data breaches, cyberattacks, system failures, and non-compliance with regulations. IT risk management involves identifying, assessing, and mitigating these risks to protect an organization’s information assets and ensure business continuity.

What is the difference between It Risk vs Cybersecurity Analyst?

AspectIt RiskCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRisk management teams, compliance departmentsSecurity operations centers, IT departments
Employer & Industry UsageFinancial, healthcare, and large enterprisesTech firms, finance, government agencies

It Risk professionals focus on identifying, assessing, and mitigating risks related to IT systems and compliance. Cybersecurity Analysts primarily monitor and respond to security threats and incidents. While both roles require similar certifications and work in overlapping environments, It Risk emphasizes risk management strategies, whereas Cybersecurity Analysts concentrate on security operations and threat response.

What are the most commonly searched types of It Risk jobs in Tennessee? The most popular types of It Risk jobs in Tennessee are:
It Risk jobs near you
Infographic showing various It Risk job openings in Tennessee as of May 2026, with employment types broken down into 82% Full Time, 10% Part Time, 3% Contract, and 5% Nights. Highlights an 97% Physical, 2% Hybrid, and 1% Remote job distribution, with an average salary of $57,270 per year, or $27.5 per hour.

Director of IT Governance, Risk and Compliance

orionfcu

Memphis, TN

Other

Posted 8 days ago

Job description

POSITION PURPOSE

The Director of IT Governance, Risk and Compliance provides strategic leadership and oversight of the organization's IT risk posture, governance frameworks, and regulatory compliance within a financial services environment. This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The director serves as a key liaison to regulators and internal audit, leads enterprise IT risk programs, and partners closely with information security, legal, compliance, and business units to proactively identify, assess, and mitigate risk across systems, vendors, and emerging technologies.

ESSENTIAL FUNCTIONS AND BASIC DUTIES

1.    Define And maintain the IT risk management framework, ensuring alignment with enterprise risk appetite and business strategy.
2.    Develop and execute a multi year IT risk maturity road map, including governance, controls, and reporting enhancements.
3.    Provide executive level and board reporting on IT risk posture, trends, and emerging threats.
4.    Establish and oversee IT governance structures, policies, standards, and procedures.
5.    Lead enterprise IT risk assessments, including infrastructure, applications, and security architecture reviews.
6.    Identify vulnerabilities, evaluate risk exposure, and ensure timely mitigation of identified issues.
7.    Oversee risk acceptance processes and provide escalation authority for material IT and security risks.
8.    Review and challenge risk decisions, ensuring consistency with organizational risk tolerance.
9.    Serve as primary point of contact for IT regulatory examinations and audits.
10.    Manage IT exam life cycle, including preparation, coordination, and response.
11.    Oversee tracking, reporting, and remediation of IT findings from regulators and internal/ external audits.
12.    Maintain comprehensive documentation of audits, findings, and corrective actions.
13.    Interpret and operationalize regulatory requirements related to IT systems, data protection, and information security to include SOX, data privacy laws, and financial regulations.
14.    Develop and implement strategies to ensure ongoing compliance with applicable laws and standards.
15.    Partner with legal and compliance teams to monitor regulatory changes and assess impact on IT controls.
16.    Provide oversight of IT risk associated with third party vendors, including material risk vendor reviews and escalations.
17.    Collaborate with vendor management teams to ensure adequate controls and risk mitigation strategies.
18.    Assess risks associated with new technologies, products, and services, ensuring appropriate governance and control implementation.
19.    Partner closely with information security to align on security controls, risk assessments, and remediation priorities.
20.    Work with business and technology stakeholders to embed risk management practices into day-to-day operations.
21.    Promote a strong risk-aware culture across the organization.

QUALIFICATIONS

EDUCATION/CERTIFICATION: Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field. Advanced degree preferred. Relevant certifications preferred (e.g., CISM, CRISC, CISSP, CISA)
REQUIRED KNOWLEDGE: Strong understanding of SOX, data privacy regulations, and technology compliance requirements.

EXPERIENCE REQUIRED: Ten or more (10+) years of progressive experience in IT risk management, IT audit, information security, or governance within financial services or a highly regulated industry.
Deep expertise in IT risk frameworks, such as NIST, COBIT, ISO 27001, and regulatory environments.
Proven experience managing regulatory exams and audit engagements.

SKILLS/ABILITIES:

Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership.
Demonstrated ability to lead complex risk programs and influence senior stakeholders, including executive leadership.
Very strong analytical & problem-solving skills

Apply