1

Technology Risk Management Internship Jobs in Boston, MA

Third-Party Risk Consultant

Boston, MA ยท On-site

$86K - $113K/yr

Additionally, you will support the adoption of risk management practices across the ETX organization. As a key member of the ETX Third-Party Technology Assurance team, you will help drive change and ...

First Line Risk Sr Manager

Westwood, MA ยท On-site

$117K - $153K/yr

... management, and mitigation of the risk and controls environment. You will serve as a liaison ... These initiatives involve technology risk, model risk, third-party risk, and customer impact ...

First Line Risk Sr Manager

Westwood, MA ยท On-site

$117K - $153K/yr

... management, and mitigation of the risk and controls environment. You will serve as a liaison ... These initiatives involve technology risk, model risk, third-party risk, and customer impact ...

next page

Showing results 1-20

Technology Risk Management Internship information

See Boston, MA salary details

$14

$27

$42

How much do technology risk management internship jobs pay per hour?

As of Jul 16, 2026, the average hourly pay for technology risk management internship in Boston, MA is $27.61, according to ZipRecruiter salary data. Most workers in this role earn between $22.45 and $31.35 per hour, depending on experience, location, and employer.

What types of projects or tasks can I expect to work on during a Technology Risk Management Internship?

As a Technology Risk Management Intern, you'll typically assist with identifying, assessing, and documenting technology-related risks within the organization. Your tasks may include supporting risk assessments, helping to evaluate security controls, preparing reports for stakeholders, and participating in audits or compliance reviews. You'll likely collaborate closely with IT, cybersecurity, and compliance teams to understand risk management frameworks and learn best practices for mitigating technology risks. This hands-on experience is valuable for building a foundation in risk analysis and developing skills relevant to future roles in technology governance or information security.

What are the key skills and qualifications needed to thrive as a Technology Risk Management Intern, and why are they important?

To excel as a Technology Risk Management Intern, you need a basic understanding of information technology concepts, risk assessment, and cybersecurity principles, often supported by coursework in IT, business, or related fields. Familiarity with risk management frameworks, data analysis tools, and platforms like Excel, GRC systems, or security software is commonly required. Strong analytical thinking, attention to detail, and effective communication are crucial soft skills that help interns collaborate and clearly present risk findings. These competencies are vital for identifying, assessing, and mitigating technology risks, thereby supporting organizational security and compliance.

What is the difference between Technology Risk Management Internship vs Cybersecurity Analyst Internship?

AspectTechnology Risk Management InternshipCybersecurity Analyst Internship
Required CredentialsRelevant coursework, basic certifications (e.g., CompTIA Security+)Similar certifications, technical skills in security tools
Work EnvironmentRisk assessment, compliance, policy development in financial/tech firmsSecurity monitoring, incident response in IT/security teams
Employer & Industry UsageFinancial institutions, tech companies focusing on risk mitigationIT departments, cybersecurity firms, tech companies

Technology Risk Management Internships focus on assessing and managing technology-related risks, compliance, and policies, while Cybersecurity Analyst Internships concentrate on protecting systems from security threats. Both roles often overlap in skills and industry settings but differ in core responsibilities.

What is a Technology Risk Management Internship?

A Technology Risk Management Internship is a temporary, entry-level position where students or recent graduates assist organizations in identifying, assessing, and mitigating risks related to their technology systems and data. Interns typically work with experienced risk managers to analyze IT processes, ensure compliance with security policies, and help implement risk controls. This internship provides hands-on experience in cybersecurity, regulatory compliance, and risk analysis within a business or financial environment. It is a valuable opportunity for those interested in pursuing careers in information security, IT audit, or risk management.
What are the most commonly searched types of Technology Risk Management jobs in Boston, MA? The most popular types of Technology Risk Management jobs in Boston, MA are:
Third-Party Risk Consultant

Third-Party Risk Consultant

MassMutual

Boston, MA โ€ข On-site

$86K - $113K/yr

Full-time

This job post hasย expired today.ย Applications are no longer accepted.


Job description

Third-Party Risk Consultant, ETX Governance, Risk & Compliance Team

Full-Time, Springfield/Boston

The Opportunity

As a Third-Party Risk Consultant, you will play a crucial role in implementing the third-party risk framework. This position is responsible for executing third-party risk assessments and due diligence activities across the MassMutualโ€™s third-party ecosystem. Additionally, you will support the adoption of risk management practices across the ETX organization. As a key member of the ETX Third-Party Technology Assurance team, you will help drive change and enhance operational efficiency throughout the organization.

The Team

The ETX Governance, Risk & Compliance Team is comprised of governance and risk professionals responsible for implementing governance processes and risk management practices for the ETX (Information Technology) organization. We work closely with our business and technology partners and succeed together by designing practical and effective technology governance and risk management solutions to increase operational efficiency.

The Impactโ€‹

  • Analyze third-party services, data flows, and system integrations to identify and recommend inherent and residual risk exposure.
  • Collaborate with issue management teams to ensure identified risks, including vulnerabilities, are appropriately tracked, communicated, and remediated
  • Contribute to status reporting and metrics tracking for ongoing third-party risk activities
  • Evaluate, document, communicate, and support breach event and incident response activities
  • Execute risk evaluation procedures by reviewing evidence, documenting observations, and recording results in accordance with defined templates and quality standards
  • Identify control gaps, weaknesses, or non-compliance issues and clearly document and recommend findings for further review and disposition
  • Partner with senior practitioners to support risk rating determinations and escalation decisions
  • Apply knowledge and discretion when performing risk assessments to ensure third parties meet security and technology standards in alignment with established practices and procedures
  • Proactively escalate delays, gaps in information, or emerging risks to the team lead
  • Research and consult with internal subject matter experts to understand and document risk identified through risk assessments and due diligence practices, and communicate the findings to stakeholders

The Minimum Qualifications

  • 2+ years of experience in risk management and/or completing third-party risk assessments
  • 2+ years of experience implementing metrics to track status, identify trends, and surface potential issues
  • 2+ years of experience working in an enterprise GRC platform, including proficient use of Excel import/export functions

The Ideal Qualifications

  • Bachelorโ€™s degree, preferably in technology, cybersecurity, risk management, or business-related field
  • 3+ years of experience in third-party risk management, technology risk, cybersecurity, audit, or testing controls
  • Proficiency with SharePoint and related tools used to execute an effective regulatory compliance program
  • Experience communicating regulatory requirements to technical and non-technical audiences, and facilitating discussions between ETX owners, Compliance, and Law to ensure a shared understanding and effective compliance
  • Foundational understanding of third-party risk domains, including:
    • Cybersecurity and data protection
    • Cloud/SaaS risk considerations
    • Identity and access management (e.g., SSO vs. standalone access)
    • Business continuity and resiliency
  • Familiarity with industry frameworks such as NIST, ISO 27001, SOC 2, or similar
  • Ability to interpret control evidence and assess adequacy relative to risk
  • Strong written and verbal communication skills, with the ability to interact effectively with internal stakeholders and third parties
  • Demonstrated ability to execute with limited guidance while meeting deadlines in a structured, process-driven environment
  • Strong attention to detail and documentation discipline

What You Can Expect at MassMutual

MassMutual offers the opportunity to do meaningful work within a purpose-driven organization that values long-term impact over short-term outcomes. In this role, you can expect:

  • Clear areas of ownership and accountability, with work that connects directly to company and customer outcomes 
  • A collaborative environment where perspectives are welcomed  
  • Access to learning, development, and internal networks that support continuous growth and skill-building over time 
  • Employee-led communities and forums that foster connection, learning, and inclusion across the organization 
  • A culture grounded in integrity, responsibility, and stewardshipโ€”supported by a company with a strong legacy and a future-focused mindset

#LI-RK1

MassMutual is an equal employment opportunity employer. We welcome all persons to apply.
If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.
California residents: For detailed information about your rights under the California Consumer Privacy Act (CCPA), please visit our California Consumer Privacy Act Disclosures page.