1

Senior Technology Risk Management Jobs in Colorado

Position Overview The Director, Cyber Risk leads Asurion's cyber and technology risk management ... Operationalize the risk appetite and tolerance framework with the CISO and senior leadership; own ...

Hydrostor, a leading energy storage, technology and infrastructure company dedicated to developing ... Effectively communicate status and provide risk reporting to senior management and other key ...

Cyber and Tech Risk UW SR

Denver, CO · On-site

$101K - $119K/yr

This role builds and manages strong broker relationships, provides market insight in a rapidly evolving cyber risk landscape, and positions the organization as a leader in the primary cyber market.

Cyber and Tech Risk UW SR

Arvada, CO · On-site +1

$100K - $119K/yr

Our cyber offerings are supported by proactive risk management services and data driven insights ... Position will be Remote - US based About the Role The Senior Cyber & Technology Risk Underwriter is ...

Enterprise Risk Management Specialist

Denver, CO · On-site

$100K/yr

With our significant investment in technology and infrastructure, we strive to maximize the value ... Commission periodic independent reviews of the ERM program and present findings to senior ...

Enterprise Risk Management Specialist

Aurora, CO · On-site

$100K/yr

With our significant investment in technology and infrastructure, we strive to maximize the value ... Commission periodic independent reviews of the ERM program and present findings to senior ...

next page

Showing results 1-20

Senior Technology Risk Management information

What does a technology risk manager do?

A technology risk manager identifies, assesses, and mitigates risks related to information technology and cybersecurity within an organization. They develop policies, implement controls, and monitor systems to ensure data security and compliance, often using tools like risk assessment frameworks and security protocols. Strong analytical skills and knowledge of industry standards such as ISO 27001 or NIST are essential for this role.

How much does a senior technology risk analyst make at Fidelity?

A senior technology risk analyst at Fidelity typically earns between $90,000 and $130,000 annually, depending on experience, location, and certifications. The role often requires knowledge of risk assessment tools and regulatory compliance standards.

What is the highest salary for a risk manager?

Senior Technology Risk Management professionals can earn salaries up to $150,000 or higher annually, depending on experience, certifications, and the size of the organization. Top earners in this field often have advanced skills in cybersecurity, compliance, and risk assessment, and may receive bonuses or other incentives.

How does a Senior Technology Risk Management professional typically collaborate with other departments within an organization?

A Senior Technology Risk Management professional regularly works with teams across IT, compliance, internal audit, and business units to identify, assess, and mitigate technology-related risks. This collaboration often involves participating in cross-functional meetings, providing guidance on risk controls, and ensuring that technology initiatives align with the overall risk appetite of the organization. Strong communication skills are essential, as the role requires translating complex technical risks into actionable recommendations for non-technical stakeholders. Building solid relationships with various departments is crucial to effectively manage and respond to emerging risks.

What are the key skills and qualifications needed to thrive as a Senior Technology Risk Management professional, and why are they important?

To thrive as a Senior Technology Risk Management professional, you need a deep understanding of IT risk frameworks, cybersecurity principles, and regulatory requirements, often supported by a degree in information security or related fields and certifications like CISA, CISSP, or CRISC. Familiarity with risk assessment tools, GRC (Governance, Risk, and Compliance) platforms, and incident management systems is typically required. Strong analytical thinking, communication skills, and stakeholder management abilities help professionals excel in this role. These skills and qualities are vital for effectively identifying, assessing, and mitigating technology risks to protect organizational assets and ensure regulatory compliance.

What is the difference between Senior Technology Risk Management vs Cybersecurity Analyst?

AspectSenior Technology Risk ManagementCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRisk assessment, policy development, strategic planningMonitoring security systems, incident response, vulnerability assessment
Employer & Industry UsageFinancial, healthcare, large enterprisesIT firms, government agencies, tech companies

While both roles focus on security, Senior Technology Risk Management emphasizes strategic risk assessment and mitigation planning, whereas Cybersecurity Analysts focus on technical security operations and incident response. The roles often collaborate but differ in scope and daily responsibilities.

What is the highest paying risk management job?

In risk management, senior roles such as Chief Risk Officer (CRO) or Director of Risk Management tend to have the highest salaries, often exceeding six figures annually. These positions require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills, especially in financial services, insurance, or large corporations.

What is Senior Technology Risk Management?

Senior Technology Risk Management refers to a leadership role responsible for identifying, assessing, and mitigating technology-related risks within an organization. Professionals in this position develop risk management strategies, ensure compliance with regulations, and oversee the implementation of security controls to protect information systems. They collaborate with IT, business, and compliance teams to address vulnerabilities and respond to emerging threats. Their work helps safeguard critical assets and supports the organization's overall risk management framework.
What are the most commonly searched types of Technology Risk Management jobs in Colorado? The most popular types of Technology Risk Management jobs in Colorado are:
What are popular job titles related to Senior Technology Risk Management jobs in Colorado? For Senior Technology Risk Management jobs in Colorado, the most frequently searched job titles are:
What job categories do people searching Senior Technology Risk Management jobs in Colorado look for? The top searched job categories for Senior Technology Risk Management jobs in Colorado are:
What cities in Colorado are hiring for Senior Technology Risk Management jobs? Cities in Colorado with the most Senior Technology Risk Management job openings:
Director, Cyber Risk

Other

Posted 10 days ago


Asurion rating

7.2

Company rating: 7.2 out of 10

Based on 84 frontline employees who took The Breakroom Quiz

120th of 208 rated it services


Job description

Position Overview

The Director, Cyber Risk leads Asurion's cyber and technology risk management discipline and is accountable for a consistent, outcome-driven program the business can rely on for decision-making. This strategic, cross-functional leader owns the end-to-end cyber risk lifecycle-identification, assessment, quantification, treatment, acceptance, monitoring, and reporting-along with the cyber risk register, risk appetite and tolerance framework, control assurance, and issues management. The Director partners closely with first-line control owners across security and technology, Portfolio Information Security Officers (PISOs), and key stakeholders in Enterprise Risk Management, Internal Audit, Legal, and Privacy. This role sets the standard for sound risk judgment, develops a high-performing team, and translates complex cyber risk into clear, defensible narratives for senior leadership and the board. This is a salaried, leadership role with enterprise impact, guiding a multi-year maturity uplift from ad hoc practices to scalable, evidence-based risk management.

Key Responsibilities
  • Own and continuously improve the cyber and technology risk management framework, methodology, taxonomy, and lifecycle aligned to NIST CSF 2.0, ISO 27001/27005, and applicable regulatory obligations.
  • Define standards, procedures, and rating scales for consistent enterprise-wide risk identification, assessment, and reporting; partner with the PISO model to ensure common language and practices across portfolios.
  • Lead enterprise cyber risk assessments across technology, business, regulatory, and emerging-risk domains to produce consistent, defensible determinations.
  • Establish and operate a cyber risk quantification capability (e.g., FAIR-based) to express risk in business and financial terms and inform prioritization and investment decisions.
  • Maintain the enterprise cyber risk register; ensure risks are well-described, owned, rated, and tracked to acceptable residual levels; develop and manage KRI/KCI programs for forward-looking posture.
  • Operationalize the risk appetite and tolerance framework with the CISO and senior leadership; own risk acceptance and exception governance with clear, auditable documentation and time-bound approvals.
  • Govern cyber risk policy structure, ownership, review cadence, and exception handling; chair or support cyber risk forums and escalate decisions to appropriate authority levels.
  • Lead second-line, risk-based assurance over design and operating effectiveness of key cyber controls in coordination with first-line and Internal Audit; identify thematic weaknesses and drive structural remediation.
  • Own issues and remediation management-intake, prioritization, owner assignment, tracking to closure, and escalation of aging items.
  • Define and report outcome-focused metrics (e.g., residual risk trends, out-of-appetite reduction, early-versus-late finding ratios, incidents tied to accepted risk) in executive- and board-ready formats.
  • Serve as primary point of contact for cyber risk in regulatory exams, audits, and carrier-partner due diligence.
  • Integrate cyber risk into Enterprise Risk Management to ensure consistency in enterprise risk reporting and governance; partner with Legal, Privacy, Procurement, and technology leaders to embed risk-informed decisions.
  • Oversee vendor/third-party risk within the cyber risk portfolio to ensure supply-chain risk is governed in line with enterprise practices.
  • Build, lead, and develop a team of senior managers and analysts; set objectives, manage performance, and scale capacity through process improvement, tooling, and appropriate AI-assisted workflows.
Education and Experience
  • Bachelor's degree in a related field or equivalent professional experience.
  • 10+ years in cybersecurity, IT/technology risk, or GRC, including 5+ years leading managers or multiple teams/domains.
  • Proven experience designing, leading, or substantially maturing an end-to-end enterprise cyber/IT risk management program.
  • Deep knowledge of NIST CSF 2.0, ISO 27001/27005, relevant regulatory regimes, and the three-lines-of-defense model.
  • Experience operating a risk register, risk appetite/tolerance framework, and risk acceptance/exception governance.
  • Hands-on experience with GRC/IRM platforms (e.g., ServiceNow IRM, Archer, OneTrust, or comparable).
  • Excellent executive communication skills with a track record of briefing senior leadership and boards.
  • Strong cross-functional influence partnering across security, technology, legal, privacy, and business teams.
  • Preferred: CRISC, CISSP, CISM, or CISA; FAIR-based quantification experience; background in regulated or consumer-facing environments; experience with ERM integration and executive/board risk committees; Master's degree in a related field.
Knowledge, Skills, and Abilities
  • Strategic risk leadership with the ability to connect cyber risk to business outcomes and investment decisions.
  • Sound, defensible judgment under uncertainty; skilled in risk trade-offs and acceptance decisions.
  • Expertise in risk quantification, KRI/KCI design, and outcome-based program metrics.
  • Strong governance and policy acumen, including appetite/tolerance, exceptions, and escalation pathways.
  • Proficiency in second-line control assurance and issues management, driving thematic remediation.
  • Exceptional written and verbal communication; translates complex risk into clear, actionable narratives for executives and the board.
  • Team leadership and talent development; builds high-performance teams and next-level leaders.
  • Change agent mindset with process improvement, tooling, and automation competencies, including appropriate use of AI-assisted workflows.
  • Collaboration and influence across ERM, Internal Audit, Legal, Privacy, Procurement, and technology organizations.
Travel Requirements

N/A

Physical Demands
  • Stationary Position: Frequently
  • Vision: 20/20 corrected vision
  • Hearing: Receive detailed information if spoken to

What Asurion employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom