ZipRecruiter

Log In

1

Technology Risk Management Jobs in Boston, MA (NOW HIRING)

Thinkbrg

IT Risk and Compliance Analyst

Boston, MA ยท On-site

$90K - $115K/yr

Reporting Relationships: * IT Risk and Compliance Manager Key Contacts: * Works closely with the Legal and Business Unit stakeholders. * This role will work with the clients in response to security ...

Origin Staffing

Senior IT Internal Auditor

Boston, MA ยท Hybrid

$102K - $134K/yr

This is a highly visible role supporting enterprise-wide technology, cybersecurity, ERP transformation, SOX, and risk management initiatives across a complex global organization. This position is ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA ยท On-site

$130K - $170K/yr

QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. * Demonstrated experience conducting structured cybersecurity or ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA ยท On-site

$130K - $170K/yr

QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. * Demonstrated experience conducting structured cybersecurity or ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA ยท On-site

$130K - $170K/yr

QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. * Demonstrated experience conducting structured cybersecurity or ...

Whoop

Senior Risk & Compliance Analyst

Boston, MA

$130K - $170K/yr

QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. * Demonstrated experience conducting structured cybersecurity or ...

next page

Showing results 1-20

All JobsTechnology Risk Management JobsTechnology Risk Management Jobs in Boston, MA

Technology Risk Management information

See Boston, MA salary details

$47.3K

$112.8K

$182.2K

How much do technology risk management jobs pay per year?

As of Jun 29, 2026, the average yearly pay for technology risk management in Boston, MA is $112,815.00, according to ZipRecruiter salary data. Most workers in this role earn between $78,900.00 and $143,600.00 per year, depending on experience, location, and employer.

What is a Technology Risk Management job?

A Technology Risk Management job involves identifying, assessing, and mitigating risks related to an organization's technology infrastructure, systems, and data. Professionals in this field develop policies, ensure compliance with regulatory requirements, and implement security controls to protect against cyber threats and operational failures. They collaborate with IT, security, and business teams to address vulnerabilities and enhance resilience. The role requires knowledge of risk assessment frameworks, regulatory standards, and emerging technology risks.

What are the key skills and qualifications needed to thrive in the Technology Risk Management position, and why are they important?

To excel in Technology Risk Management, you need a background in information security, risk assessment, and regulatory compliance, often supported by a relevant degree and experience in IT or cybersecurity. Familiarity with risk management frameworks (such as NIST or ISO 27001), governance, risk and compliance (GRC) tools, and certifications like CISA, CISSP, or CRISC are highly valued. Strong analytical thinking, communication skills, and the ability to influence and collaborate across departments are vital soft skills for this role. These competencies are crucial to effectively identify, mitigate, and communicate technology risks, helping organizations manage threats while ensuring business continuity and compliance.

What does technology risk management do?

Technology risk management involves identifying, assessing, and mitigating risks related to information technology systems and infrastructure. Professionals in this field develop strategies to protect data, ensure compliance, and reduce the impact of cyber threats, often using tools like risk assessments and security frameworks. It requires knowledge of cybersecurity, IT controls, and industry standards such as ISO 27001 or NIST.

What is the highest paying risk management job?

In risk management, senior roles such as Chief Risk Officer (CRO) or Director of Risk typically have the highest salaries, often exceeding six figures annually. These positions require extensive experience, advanced certifications like FRM or CRM, and strong leadership skills within financial, insurance, or corporate environments.

Is risk management a good career?

Risk management is a valuable career path, especially in fields like technology risk management where professionals identify and mitigate cybersecurity threats, compliance issues, and operational risks. It often requires certifications such as CRISC or CISSP and involves analytical skills, attention to detail, and understanding of industry standards. The demand for risk management professionals is growing as organizations prioritize security and regulatory compliance.

What are the typical daily responsibilities for someone working in Technology Risk Management?

Professionals in Technology Risk Management are typically responsible for identifying and assessing potential technology-related risks, developing policies and controls to mitigate those risks, and monitoring compliance with internal and external regulations. Their day-to-day activities often include conducting risk assessments, coordinating with IT teams on security initiatives, preparing reports for senior management, and responding to incidents or audit findings. Collaboration with various departments such as IT, compliance, and business units is frequent to ensure comprehensive risk oversight. This role requires staying up-to-date on emerging threats and evolving regulatory requirements to proactively manage the organization's risk posture.

How much do technology risk consultants make?

Technology risk consultants typically earn between $70,000 and $130,000 annually, depending on experience, location, and certifications such as CISSP or CISA. Senior consultants or those in high-demand areas can earn higher salaries, often exceeding $150,000 with bonuses and benefits included.
What are the most commonly searched types of Technology Risk Management jobs in Boston, MA? The most popular types of Technology Risk Management jobs in Boston, MA are:
What are popular job titles related to Technology Risk Management jobs in Boston, MA? For Technology Risk Management jobs in Boston, MA, the most frequently searched job titles are:
What job categories do people searching Technology Risk Management jobs in Boston, MA look for? The top searched job categories for Technology Risk Management jobs in Boston, MA are:
Technology Risk Management jobs near you
Infographic showing various Technology Risk Management job openings in Boston, MA as of June 2026, with employment types broken down into 77% Full Time, 17% Part Time, 1% Temporary, and 5% Contract. Highlights an 88% Physical, 2% Hybrid, and 10% Remote job distribution, with an average salary of $112,815 per year, or $54.2 per hour.
MD GRC Risk Management and Governance

MD GRC Risk Management and Governance

State Street Corporation

Quincy, MA โ€ข On-site

$170K - $282K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 26 days ago

Job description

The Managing Director, Cyber Risk Management & Governance will lead a team responsible for the design, execution, and oversight of the cyber risk management and governance framework. This role ensures cyber risk is consistently identified, assessed, governed, and reported in alignment with the Enterprise Risk Framework, regulatory expectations, and the firm's risk appetite. The role serves as a central coordination point, with a strong focus on framework governance, risk management, findings oversight and management, and executive-level reporting.
Key Responsibilities
  • Own and evolve the Cyber Risk Management Framework, ensuring alignment with the Enterprise Risk Framework and regulatory expectations.
  • Govern cyber risk taxonomies, risk appetite statements, risk metrics, and assessment methodologies.
  • Support embedding cyber risk practices across the L3 Cyber risk methodology and support functional and business risk owners in their efforts to improve and sustain cyber risk posture.
  • Provide oversight of control assurance and remediation execution and quality, including challenge, escalation, and consistency.
  • Ensure consistent linkage between assessment outcomes, risk appetite, and remediation priorities.
  • Enable and guide Enterprise Process Owner (EPO) / Metric Owners with challenges related to processes area / Key Risk Indicator improvement, ensuring clear accountability and effective operation.
  • Support the second line of defense in defining, maintaining, and overseeing Cyber Key Risk Indicators (KRIs) and thresholds, ensuring they provide meaningful insight into risk posture and trends.
  • Coordinate cyber risk matters for management-level and executive Risk Committees, including agenda development, materials, and escalation.
  • Produce and oversee executive-level cyber risk reporting, including risk posture, trends, material issues, and emerging risks.
  • Ensure reporting is concise, decision-oriented, and aligned with enterprise and Board risk governance expectations.
  • Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and follow-through.
  • Oversee LOD and legal entity cyber risk reporting, ensuring a consistent Global Cybersecurity view.
  • Coordinate with Cyber Compliance teams to provide accurate data sharing for regulatory engagement and legal entities.
  • Provide governance oversight for issues that impact cyber risk, including intake, severity assessment, challenge, escalation, and closure monitoring.
  • Oversee cyber risk acceptance governance, ensuring decisions are risk-informed, appropriately documented, time-bound, and approved at the correct level.
  • Ensure alignment between issues, risk acceptances, and risk appetite.
  • Lead the intake and governance of cyber findings from audits, regulatory reviews, assessments, and testing activities.
  • Ensure findings are consistently risk-rated, challenged where appropriate, and tracked through remediation to closure.
  • Monitor remediation progress, aging, and systemic themes, escalating concerns as needed to governance/management committees.

Required Qualifications
  • 10+ years of experience in cybersecurity risk management, technology risk, or enterprise risk governance, with significant experience at a senior leadership level.
  • Bachelor's degree in information systems, computer science, data analytics, cybersecurity or related field (or equivalent experience).
  • Deep understanding of cyber risk frameworks, enterprise risk management, and regulatory expectations within a large, complex financial services or regulated environment.
  • Proven experience with risk governance, control assurance and assessments, KRIs, issue management, and executive reporting.
  • Strong ability to build relationships across the three lines of defense and influence at executive and Board levels.
  • Exceptional communication skills, with the ability to translate technical and risk concepts into executive-level insights.
  • Experience leading highly successful teams in achieving objectives and key results.

Preferred Skills
  • Cybersecurity Certifications such as: CISSP, CISM or equivalent.
  • Experience implementing automated and/or continuous controls monitoring in cloud and hybrid environments.
  • Strong analytical mindset with the ability to translate ambiguous risk or control questions into measurable metrics and repeatable tests.
  • Clear written and verbal communication skills, including the ability to explain complex technical findings and trends to leadership.

Salary Range:
$170,000 - $282,500 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.
Employees are eligible to participate in State Street's comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.
For a full overview, visit https://hrportal.ehr.com/statestreet/Home.
About State Street
Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.
We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you'll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.
As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.
Discover more information on jobs at StateStreet.com/careers
Read our CEO Statement
Job Application Disclosure:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
State Street logo

About State Street

Sourced by ZipRecruiter

State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.

Industry

Finance and insurance

Company size

10,000+ Employees

Headquarters location

Boston, MA, US

Year founded

1792

Social media

FacebookTwitter

View All State Street Jobs

Apply