1

It Risk Jobs in Virginia (NOW HIRING)

The winning candidate will be responsible for managing IT audit and risk/security assessment engagements. This individual will be tasked with scoping, planning, executing, and reviewing audit and ...

Be Seen First

IT Audit Manager

Chesapeake, VA · On-site

$100K - $115K/yr

Conduct and manage risk-based IT audits covering cybersecurity, data privacy, ERP systems, cloud ... Understanding of cybersecurity, cloud technologies, IT governance, and system implementation ...

Manager - Cyber Risk & Analysis As a Technology Risk Manager, you will drive strategy and execute ... Please note that this salary information is solely for candidates hired to perform work within one ...

Manager - Cyber Risk & Analysis As a Technology Risk Manager, you will drive strategy and execute ... Please note that this salary information is solely for candidates hired to perform work within one ...

next page

Showing results 1-20

It Risk information

See Virginia salary details

$14

$30

$73

How much do it risk jobs pay per hour?

As of Jul 7, 2026, the average hourly pay for it risk in Virginia is $30.08, according to ZipRecruiter salary data. Most workers in this role earn between $19.33 and $38.37 per hour, depending on experience, location, and employer.

What is IT risk?

IT risk refers to the potential for losses or negative impacts to an organization resulting from the use of information technology. This includes threats such as data breaches, cyberattacks, system failures, and non-compliance with regulations. IT risk management involves identifying, assessing, and mitigating these risks to protect an organization’s information assets and ensure business continuity.

What is the difference between It Risk vs Cybersecurity Analyst?

AspectIt RiskCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRisk management teams, compliance departmentsSecurity operations centers, IT departments
Employer & Industry UsageFinancial, healthcare, and large enterprisesTech firms, finance, government agencies

It Risk professionals focus on identifying, assessing, and mitigating risks related to IT systems and compliance. Cybersecurity Analysts primarily monitor and respond to security threats and incidents. While both roles require similar certifications and work in overlapping environments, It Risk emphasizes risk management strategies, whereas Cybersecurity Analysts concentrate on security operations and threat response.

What are the key skills and qualifications needed to thrive as an IT Risk professional, and why are they important?

To thrive as an IT Risk professional, you need a strong understanding of information security principles, risk management frameworks, and relevant regulations, typically supported by a degree in information technology or cybersecurity. Familiarity with risk assessment tools, GRC (Governance, Risk, and Compliance) systems, and certifications such as CISM or CISSP is highly valued. Analytical thinking, attention to detail, and effective communication are vital soft skills for identifying vulnerabilities and collaborating with stakeholders. These competencies are crucial for proactively managing threats and ensuring the organization's information assets remain secure and compliant.

What are some common challenges faced by IT Risk professionals when working with cross-functional teams?

IT Risk professionals often collaborate with various departments such as IT, compliance, finance, and operations. A common challenge is effectively communicating technical risks in terms that non-technical stakeholders can understand, ensuring alignment on priorities and mitigation strategies. Navigating differing risk tolerances and balancing business needs with security requirements can also present difficulties. Building strong relationships and fostering ongoing dialogue are key to overcoming these challenges and ensuring successful risk management across the organization.
What are the most commonly searched types of It Risk jobs in Virginia? The most popular types of It Risk jobs in Virginia are:
What cities in Virginia are hiring for It Risk jobs? Cities in Virginia with the most It Risk job openings:
Infographic showing various It Risk job openings in Virginia as of July 2026, with employment types broken down into 1% As Needed, 76% Full Time, 19% Part Time, and 4% Contract. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $62,558 per year, or $30.1 per hour.
IT Audit Manager

IT Audit Manager

Secureit

Reston, VA • On-site

Full-time

Re-posted 3 days ago


Job description

Description:
SecureIT is looking for an experienced IT Audit Manager to join our team. The winning candidate will be responsible for managing IT audit and risk/security assessment engagements. This individual will be tasked with scoping, planning, executing, and reviewing audit and assessment projects for mid-sized to large public companies, as well as OIG-sponsored audits of large government agencies. As a "working project manager," this position will perform detailed assessment fieldwork and other project activities such as report writing. These project activities will focus on more challenging assignments and technical security work. Ideally, this position will serve as a Subject Matter Expert (SME) and mentor to others regarding security threats, configurations, vulnerabilities, and assessment tools/techniques at all system layers (host, database, network, web, and application layers), as well more general IT audit practices and methodologies. Other assigned tasks include quality assurance, client relationship management, and assistance with business development.
Organizational Relationships: Reports directly to Senior Vice President, Commercial Programs
Duties and Responsibilities:
  • Perform IT audits, risk assessments, and security reviews, particularly those requiring complex, judgmental and/or specialized knowledge
  • (Preferred) Perform technical security "deep dive" assessments, including: configuration reviews of OS/Db/web/network infrastructure, vulnerability assessments and light penetration testing (network and web application), and audits of system logging, event management and incident detection/response capabilities
  • Provide technical expertise and direction in the areas of security and IT risk/control
  • Identify meaningful findings and present/defend findings and recommendations to client technical and management personnel.
  • Develop project plans, identify and mitigate project risk, and manage project activities to meet budgets, profitability, and milestone targets
  • Manage engagements that focus on the assessment and mitigation of IT-related risks, with a common focus on security risk
  • Review project artifacts to ensure that conclusions are well-supported and that deliverables submitted to clients are high quality
  • Supervise, guide, and mentor less experienced team members
  • Write and fine-tune reports to communicate risk and security issues in the appropriate context for the assignment
  • Maintain client relationships and manage client expectations for projects
  • Assist in business development, including identifying prospects, defining projects, writing proposals, and representing SecureIT at sales meetings

Requirements:
  • Bachelor's or master's degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
  • CISA, CISSP, or CISM certification
  • A minimum of 6-8+ years of experience working as an IT/security auditor or risk adviser for a public accounting firm, a professional services firm, or within industry
  • Mastery of IT audit and security assessment skills
  • Knowledge of technical security and control standards, tools, and techniques
  • Focus on technical security knowledge of multiple platforms and vulnerability assessment & penetration testing capabilities (preferred)
  • Strong meeting facilitation, presentation, report-writing, and problem solving skills
  • Proven ability to meet deadlines, manage milestones and budgets for multiple concurrent projects, and supervise audit staff
  • Collaborative working style to develop/sustain productive work relationships and inspire teamwork with project constituencies

Please email resume with cover letter to resumes@secureit.com. To learn more about SecureIT, please visit www.secureit.com.
EOE