This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The ...
... technology, risk and control initiatives. The Financial Risk Advisory & Consulting Manager will ... Ability to interact with external auditors and members of senior management to co-develop ...
... technology, risk and control initiatives. The Financial Risk Advisory & Consulting Manager will ... Ability to interact with external auditors and members of senior management to co-develop ...
... technology, risk and control initiatives. The Financial Risk Advisory & Consulting Manager will ... Ability to interact with external auditors and members of senior management to co-develop ...
... technology, risk and control initiatives. The Financial Risk Advisory & Consulting Manager will ... Ability to interact with external auditors and members of senior management to co-develop ...
Cybersecurity Risk Analyst
Nashville, TN · On-site
Responsibilities Support a Technology Vendor Management program, ensuring technology risk reviews across multiple disciplines, and monitoring for renewals and savings opportunities Participate in ...
Cybersecurity Risk Analyst
Nashville, TN · On-site
Responsibilities Support a Technology Vendor Management program, ensuring technology risk reviews across multiple disciplines, and monitoring for renewals and savings opportunities Participate in ...
Cybersecurity Risk Analyst
Nashville, TN · On-site
Responsibilities Support a Technology Vendor Management program, ensuring technology risk reviews across multiple disciplines, and monitoring for renewals and savings opportunities Participate in ...
Cybersecurity Risk Analyst
Nashville, TN · On-site
Responsibilities Support a Technology Vendor Management program, ensuring technology risk reviews across multiple disciplines, and monitoring for renewals and savings opportunities Participate in ...
Senior Manager, IT General Controls Audit
$81K - $106K/yr
Perform IT risk assessments and provide recommendations to strengthen governance and reduce ... Experience auditing enterprise applications, ERP systems, identity and access management, cloud ...
New
Quick apply
Apply Early
Senior Manager, IT General Controls Audit
$81K - $106K/yr
Perform IT risk assessments and provide recommendations to strengthen governance and reduce ... Experience auditing enterprise applications, ERP systems, identity and access management, cloud ...
New
Apply Early
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Responsible for managing the Medicare Advantage risk adjustment process and encounter data ... technology and other resources to provide more and better information to network providers • ...
Responsible for managing the Medicare Advantage risk adjustment process and encounter data ... technology and other resources to provide more and better information to network providers • ...
Responsible for managing the Medicare Advantage risk adjustment process and encounter data ... technology and other resources to provide more and better information to network providers • ...
Responsible for managing the Medicare Advantage risk adjustment process and encounter data ... technology and other resources to provide more and better information to network providers • ...
Responsible for managing the Medicare Advantage risk adjustment process and encounter data ... technology and other resources to provide more and better information to network providers • ...
Responsible for managing the Medicare Advantage risk adjustment process and encounter data ... technology and other resources to provide more and better information to network providers • ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Communicate risk posture, control health, key issues, and program outcomes to the CISO and senior ... Drive Issue Management and Remediation - Assess control deficiencies and compliance findings ...
Risk Manager
Nashville, TN · On-site
We are seeking a Nashville-based Risk Officer to join our Institutional Investment Management ... new technologies into our business or providing thoughtful advice to our clients, we are fully ...
Risk Manager
Nashville, TN · On-site
We are seeking a Nashville-based Risk Officer to join our Institutional Investment Management ... new technologies into our business or providing thoughtful advice to our clients, we are fully ...
Risk Manager
Nashville, TN · On-site
We are seeking a Nashville-based Risk Officer to join our Institutional Investment Management ... new technologies into our business or providing thoughtful advice to our clients, we are fully ...
Risk Manager
Nashville, TN · On-site
We are seeking a Nashville-based Risk Officer to join our Institutional Investment Management ... new technologies into our business or providing thoughtful advice to our clients, we are fully ...
VP of Information Security & Risk Management
Nashville, TN · On-site
$200K - $250K/yr
Responsibilities: • Develop and lead a company-wide information security and risk management ... core security technologies and concepts, including network security tools such as Cisco ASA ...
Quick apply
VP of Information Security & Risk Management
Nashville, TN · On-site
$200K - $250K/yr
Responsibilities: • Develop and lead a company-wide information security and risk management ... core security technologies and concepts, including network security tools such as Cisco ASA ...
... Risk Management Framework (RMF) Subject Matter Expert (SME) to support our clients. The RMF SME ... BGS is an engineering, technology, and security firm helping to advance missions of national ...
... Risk Management Framework (RMF) Subject Matter Expert (SME) to support our clients. The RMF SME ... BGS is an engineering, technology, and security firm helping to advance missions of national ...
Private Wealth Risk Officer
Nashville, TN · On-site
$110K - $130K/yr
Present to the risk management team, business heads and senior management on risk management efforts and initiatives * Assist with a new buildout of Investment Risk technology infrastructure for ...
Private Wealth Risk Officer
Nashville, TN · On-site
$110K - $130K/yr
Present to the risk management team, business heads and senior management on risk management efforts and initiatives * Assist with a new buildout of Investment Risk technology infrastructure for ...
... IT Risk Management and Governance programs * 2 years conducting post-mortem analyses after IT disasters to identify and resolve issues. * 3+ years using JIRA for tracking issues * 3+ years in an ...
... IT Risk Management and Governance programs * 2 years conducting post-mortem analyses after IT disasters to identify and resolve issues. * 3+ years using JIRA for tracking issues * 3+ years in an ...
Risk Rating Manager
Memphis, TN · On-site
... management and maintenance of First Horizon's Commercial Risk Rating framework. It includes ... Work with Enterprise Technology on system implementation * Design and lead user acceptance testing ...
Risk Rating Manager
Memphis, TN · On-site
... management and maintenance of First Horizon's Commercial Risk Rating framework. It includes ... Work with Enterprise Technology on system implementation * Design and lead user acceptance testing ...
Technology Risk Management information
See Tennessee salary details
$39.5K - $49.7K
8% of jobs
$49.7K - $59.9K
14% of jobs
$64.6K is the 25th percentile. Wages below this are outliers.
$59.9K - $70.2K
6% of jobs
$70.2K - $80.4K
8% of jobs
$80.4K - $90.6K
11% of jobs
The median wage is $92.8K / yr.
$90.6K - $100.9K
13% of jobs
$100.9K - $111.1K
11% of jobs
$114.2K is the 75th percentile. Wages above this are outliers.
$111.1K - $121.3K
15% of jobs
$121.3K - $131.6K
8% of jobs
$131.6K - $141.8K
4% of jobs
$141.8K - $152K
2% of jobs
$39.5K
$94.1K
$152K
How much do technology risk management jobs pay per year?
What is a Technology Risk Management job?
A Technology Risk Management job involves identifying, assessing, and mitigating risks related to an organization's technology infrastructure, systems, and data. Professionals in this field develop policies, ensure compliance with regulatory requirements, and implement security controls to protect against cyber threats and operational failures. They collaborate with IT, security, and business teams to address vulnerabilities and enhance resilience. The role requires knowledge of risk assessment frameworks, regulatory standards, and emerging technology risks.
What are the key skills and qualifications needed to thrive in the Technology Risk Management position, and why are they important?
To excel in Technology Risk Management, you need a background in information security, risk assessment, and regulatory compliance, often supported by a relevant degree and experience in IT or cybersecurity. Familiarity with risk management frameworks (such as NIST or ISO 27001), governance, risk and compliance (GRC) tools, and certifications like CISA, CISSP, or CRISC are highly valued. Strong analytical thinking, communication skills, and the ability to influence and collaborate across departments are vital soft skills for this role. These competencies are crucial to effectively identify, mitigate, and communicate technology risks, helping organizations manage threats while ensuring business continuity and compliance.
What are the typical daily responsibilities for someone working in Technology Risk Management?
Professionals in Technology Risk Management are typically responsible for identifying and assessing potential technology-related risks, developing policies and controls to mitigate those risks, and monitoring compliance with internal and external regulations. Their day-to-day activities often include conducting risk assessments, coordinating with IT teams on security initiatives, preparing reports for senior management, and responding to incidents or audit findings. Collaboration with various departments such as IT, compliance, and business units is frequent to ensure comprehensive risk oversight. This role requires staying up-to-date on emerging threats and evolving regulatory requirements to proactively manage the organization's risk posture.

Other
Posted 14 days ago
Job description
POSITION PURPOSE
The Director of IT Governance, Risk and Compliance provides strategic leadership and oversight of the organization's IT risk posture, governance frameworks, and regulatory compliance within a financial services environment. This role reports to the CIO and ensures alignment between IT risk management practices and the institution's risk appetite, while enabling secure, compliant, and resilient technology operations. The director serves as a key liaison to regulators and internal audit, leads enterprise IT risk programs, and partners closely with information security, legal, compliance, and business units to proactively identify, assess, and mitigate risk across systems, vendors, and emerging technologies.
ESSENTIAL FUNCTIONS AND BASIC DUTIES
1. Define And maintain the IT risk management framework, ensuring alignment with enterprise risk appetite and business strategy.
2. Develop and execute a multi year IT risk maturity road map, including governance, controls, and reporting enhancements.
3. Provide executive level and board reporting on IT risk posture, trends, and emerging threats.
4. Establish and oversee IT governance structures, policies, standards, and procedures.
5. Lead enterprise IT risk assessments, including infrastructure, applications, and security architecture reviews.
6. Identify vulnerabilities, evaluate risk exposure, and ensure timely mitigation of identified issues.
7. Oversee risk acceptance processes and provide escalation authority for material IT and security risks.
8. Review and challenge risk decisions, ensuring consistency with organizational risk tolerance.
9. Serve as primary point of contact for IT regulatory examinations and audits.
10. Manage IT exam life cycle, including preparation, coordination, and response.
11. Oversee tracking, reporting, and remediation of IT findings from regulators and internal/ external audits.
12. Maintain comprehensive documentation of audits, findings, and corrective actions.
13. Interpret and operationalize regulatory requirements related to IT systems, data protection, and information security to include SOX, data privacy laws, and financial regulations.
14. Develop and implement strategies to ensure ongoing compliance with applicable laws and standards.
15. Partner with legal and compliance teams to monitor regulatory changes and assess impact on IT controls.
16. Provide oversight of IT risk associated with third party vendors, including material risk vendor reviews and escalations.
17. Collaborate with vendor management teams to ensure adequate controls and risk mitigation strategies.
18. Assess risks associated with new technologies, products, and services, ensuring appropriate governance and control implementation.
19. Partner closely with information security to align on security controls, risk assessments, and remediation priorities.
20. Work with business and technology stakeholders to embed risk management practices into day-to-day operations.
21. Promote a strong risk-aware culture across the organization.
QUALIFICATIONS
EDUCATION/CERTIFICATION: Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field. Advanced degree preferred. Relevant certifications preferred (e.g., CISM, CRISC, CISSP, CISA)
REQUIRED KNOWLEDGE: Strong understanding of SOX, data privacy regulations, and technology compliance requirements.
EXPERIENCE REQUIRED: Ten or more (10+) years of progressive experience in IT risk management, IT audit, information security, or governance within financial services or a highly regulated industry.
Deep expertise in IT risk frameworks, such as NIST, COBIT, ISO 27001, and regulatory environments.
Proven experience managing regulatory exams and audit engagements.
SKILLS/ABILITIES:
Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership.
Demonstrated ability to lead complex risk programs and influence senior stakeholders, including executive leadership.
Very strong analytical & problem-solving skills