Security Risk Management Jobs in Massachusetts (NOW HIRING)

Security Compliance Manager

Boston, MA · Remote

$140K - $170K/yr

Risk management program execution: Recommend and implement improvements to the information security risk management program; develop and maintain the risk register, risk ownership, and workflows for ...

... security - as well as your professional development - to bring peace of mind to you and your family ... to manage risk, respond to times of uncertainty and discover new potential. We invest in our ...

Risk Management * Chair the Security Risk Review Board, overseeing evaluation, prioritization, and mitigation of security risks. * Lead decision-making on acceptance of residual risks and communicate ...

Proven experience in compliance, data privacy, and security risk management with a focus on global and regional regulations. * Expertise in cybersecurity governance, including network protocols and ...

Security Risk Management information

How much do security risk management jobs pay per hour?

As of Jun 30, 2026, the average hourly pay for security risk management in Massachusetts is $55.05, according to ZipRecruiter salary data. Most workers in this role earn between $44.62 and $65.62 per hour, depending on experience, location, and employer.

What are the typical challenges faced by professionals in Security Risk Management, and how can they be addressed?

Professionals in Security Risk Management often encounter challenges such as rapidly evolving threats, balancing security with business operations, and ensuring organization-wide compliance with regulations. Staying current with the latest risk trends and fostering cross-department collaboration are key strategies for overcoming these obstacles. Additionally, clear communication of risks to non-technical stakeholders and ongoing training are essential for building a proactive security culture and effective risk mitigation.

Can I make $200,000 a year in cyber security?

Security Risk Management professionals can potentially earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISM, and roles in high-demand industries or senior leadership positions. Salary levels vary based on location, company size, and individual expertise, but high-level cybersecurity roles often offer compensation in this range.

Can you make $500,000 a year in cyber security?

Security Risk Management professionals can potentially earn $500,000 or more annually, especially at senior levels, in leadership roles, or within large organizations. Achieving this income typically requires extensive experience, advanced certifications like CISSP or CISM, and expertise in high-demand areas such as threat intelligence or security architecture.

Is security risk management a good career?

Security risk management is a viable career that involves identifying, assessing, and mitigating security threats to organizations. It often requires certifications such as CISSP or CISM and skills in risk analysis, security policies, and incident response. The field offers opportunities across various industries with increasing demand for cybersecurity expertise.

What is Security Risk Management?

Security Risk Management is the process of identifying, assessing, and mitigating risks to an organization's information, assets, and operations. It involves evaluating potential threats and vulnerabilities, determining their potential impact, and implementing strategies to minimize or control these risks. The goal is to protect the organization from security breaches, data loss, and other threats while ensuring compliance with legal and regulatory requirements. Security Risk Management is essential for maintaining business continuity and safeguarding reputation.

What are the key skills and qualifications needed to thrive in Security Risk Management, and why are they important?

To excel in Security Risk Management, you need a solid understanding of risk assessment frameworks, cybersecurity principles, and compliance standards, often supported by a degree in information security or related fields. Familiarity with risk management tools, security incident response systems, and certifications such as CISSP or CISM is typically required. Strong analytical thinking, communication, and decision-making skills help professionals navigate complex threats and collaborate across departments. These competencies are crucial for effectively identifying, mitigating, and communicating risks to protect organizational assets and ensure regulatory compliance.

What is the difference between Security Risk Management vs Security Analyst?

| Aspect | Security Risk Management | Security Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Strategic, policy-focused, risk assessment | Operational, monitoring, incident response |
| Employer & Industry Usage | Organizations managing enterprise security risks | Security teams, cybersecurity firms, IT departments |

Security Risk Management focuses on identifying, assessing, and mitigating security risks at an organizational level, often involving policy development and strategic planning. In contrast, Security Analysts primarily monitor security systems, analyze threats, and respond to incidents. Both roles are essential but differ in scope and responsibilities within the cybersecurity field.

Is SOC 1 entry level?

SOC 1 (Service Organization Control 1) reports are audit reports used to evaluate internal controls at a service organization and are not job roles. In the context of security risk management, entry-level positions typically require foundational knowledge of security principles, certifications like CompTIA Security+ or CISSP, and experience with risk assessment tools, but SOC 1 itself is not an entry-level role.

Infographic showing various Security Risk Management job openings in Massachusetts as of June 2026, with employment types broken down into 90% Full Time, 7% Part Time, 1% Temporary, and 2% Contract. Highlights a 93% Physical, 3% Hybrid, and 4% Remote job distribution, with an average salary of $114,507 per year, or $55.1 per hour.

Senior IT Security, Risk & Compliance Analyst

Ardelyx

Waltham, MA • On-site

$145K - $177K/yr

Full-time

Medical, Dental, Vision, Life, Retirement

Posted 12 days ago


Job description

Description
Ardelyx is a commercial-stage biopharmaceutical company focused on redefining treatment approaches for patients with significant unmet medical needs. By combining scientific innovation with a collaborative, purpose-driven culture, we strive to create meaningful impact for patients.
Team Ardelyx is united by a shared mission and guided by our core values: Passionate, Fearless, Dedicated, and Inclusive.
We foster an inclusive environment where employees are respected, supported, and empowered to make an impact - both within our company and in the lives of patients we serve.
Position Summary:
The Senior IT Security, Risk & Compliance Analyst is responsible for supporting IT compliance, risk management, and computer systems validation activities within a regulated life sciences environment. This role ensures that IT systems and processes meet applicable regulatory, security, and corporate governance requirements.
The Analyst partners with cross-functional teams to assess risk, support validation efforts, and ensure audit readiness across IT systems and projects. This role contributes to the execution of compliance processes, including change management, validation lifecycle activities, and issue resolution.
This is a hybrid role (2-3 days in office) at our Waltham, MA or Newark, CA office.
Responsibilities:
  • Advise project teams and stakeholders on validation scope, risk, and validation strategies
  • Maintain and manage the status of validated applications to ensure ongoing compliance
  • Perform audit readiness assessments and support internal and external audits
  • Participate in system and project requirements gathering, collaborating with business users and technical teams
  • Coordinate and support IT change management processes to ensure compliance with validation and regulatory requirements
  • Review system changes and provide compliance assessments, including audit-ready documentation and closure summaries
  • Investigate systems issues, deviations, and failures, including root cause analysis and support of non-conformances and CAPAs
  • Support development and execution of computer systems validation activities in alignment with regulatory expectations
  • Ensure IT systems and processes comply with applicable regulations and internal policies
  • Identify compliance risks and recommend mitigation strategies to support secure and compliant system operations
  • Collaborate with IT, Quality, and business stakeholders to support compliant system implementation and ongoing operations
  • Contribute to continuous improvement of compliance, validation, and risk management processes

Qualifications:
  • Bachelor's degree, master's degree preferred, with 8+ years of Computer Systems Validation or related experience in the life sciences industry or health sciences.
  • Strong oral and written skills to persuade, direct and advise stakeholders on regulatory compliance processes
  • Strong organizational skills to maintain and manage multiple validation projects
  • Experience collaborating with cross-functional teams and aligning on validation strategy
  • Experience validating enterprise applications and working experience with test management tools
  • Ability to articulate risk-based validation strategy and provide validation approach to meet business needs
  • Working knowledge of regulatory requirements, including 21 CFR Part 11 and other applicable GxP regulations
  • Experience with software development, lifecycle activities, methodologies, testing and validation
  • Experience with common IT infrastructure and applications, e.g., virtualization, directory services, storage, DBMS

The anticipated annualized base pay range for this full-time position is $145,000 - $177,000. Ardelyx utilizes industry data to ensure that our compensation is competitive and aligned with our industry peers. Actual base pay will be determined based on a variety of factors, including years of relevant experience, training, qualifications, and internal equity. The compensation package may also include an annual bonus target and equity awards, subject to eligibility and other requirements.
Ardelyx also offers a robust benefits package to employees, including a 401(k) plan with generous employer match, 12 weeks of paid parental leave, up to 12 weeks of living organ and bone marrow leave, equity incentive plans, health plans (medical, prescription drug, dental, and vision), life insurance and disability, flexible time off, annual Winter Holiday shut down, and at least 11 paid holidays.
Ardelyx is an equal opportunity employer.