Technology Risk Management Jobs in Houston, TX (NOW HIRING)

Senior Security Analyst

Houston, TX · On-site

$91K - $119K/yr

Broad knowledge of information and technology risk management policies, methods, standards, tools, and processes (e.g. ISO, COSO, COBIT) as well as knowledge of compliance, legal, internal / external ...

Sr AI & Technology Auditor

Houston, TX · On-site

$97K - $127K/yr

... T risk management, or data science. • Minimum 2+ years of direct experience auditing or governing AI/Machine Learning environments. • In-depth knowledge of IT general controls (ITGC), NIST AI ...

Technology Risk Management information

Houston, TX salary details: $41.5K · $99K · $160K

How much do technology risk management jobs pay per year?

As of Jun 30, 2026, the average yearly pay for technology risk management in Houston, TX is $99,034.00, according to ZipRecruiter salary data. Most workers in this role earn between $69,200.00 and $126,100.00 per year, depending on experience, location, and employer.

What is a Technology Risk Management job?

A Technology Risk Management job involves identifying, assessing, and mitigating risks related to an organization's technology infrastructure, systems, and data. Professionals in this field develop policies, ensure compliance with regulatory requirements, and implement security controls to protect against cyber threats and operational failures. They collaborate with IT, security, and business teams to address vulnerabilities and enhance resilience. The role requires knowledge of risk assessment frameworks, regulatory standards, and emerging technology risks.

What are the key skills and qualifications needed to thrive in the Technology Risk Management position, and why are they important?

To excel in Technology Risk Management, you need a background in information security, risk assessment, and regulatory compliance, often supported by a relevant degree and experience in IT or cybersecurity. Familiarity with risk management frameworks (such as NIST or ISO 27001), governance, risk and compliance (GRC) tools, and certifications like CISA, CISSP, or CRISC are highly valued. Strong analytical thinking, communication skills, and the ability to influence and collaborate across departments are vital soft skills for this role. These competencies are crucial to effectively identify, mitigate, and communicate technology risks, helping organizations manage threats while ensuring business continuity and compliance.

What are the typical daily responsibilities for someone working in Technology Risk Management?

Professionals in Technology Risk Management are typically responsible for identifying and assessing potential technology-related risks, developing policies and controls to mitigate those risks, and monitoring compliance with internal and external regulations. Their day-to-day activities often include conducting risk assessments, coordinating with IT teams on security initiatives, preparing reports for senior management, and responding to incidents or audit findings. Collaboration with various departments such as IT, compliance, and business units is frequent to ensure comprehensive risk oversight. This role requires staying up-to-date on emerging threats and evolving regulatory requirements to proactively manage the organization's risk posture.

What are the most commonly searched types of Technology Risk Management jobs in Houston, TX? The most popular types of Technology Risk Management jobs in Houston, TX are:
What are popular job titles related to Technology Risk Management jobs in Houston, TX? For Technology Risk Management jobs in Houston, TX, the most frequently searched job titles are:
What job categories do people searching Technology Risk Management jobs in Houston, TX look for? The top searched job categories for Technology Risk Management jobs in Houston, TX are:
Infographic showing various Technology Risk Management job openings in Houston, TX as of June 2026, with employment types broken down into 83% Full Time, 15% Part Time, 1% Temporary, and 1% Contract. Highlights an 88% Physical, 2% Hybrid, and 10% Remote job distribution, with an average salary of $99,034 per year, or $47.6 per hour.
Information Security Risk Mgmt Anlst

CITGO Petroleum Corporation

Houston, TX • On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 6 days ago


Citgo rating

Company rating: 6.1 out of 10

Based on 56 frontline employees who took The Breakroom Quiz

53rd of 74 rated oil and gas companies


Job description

CITGO PETROLEUM CORPORATION

CITGO Petroleum Corporation is a recognized leader in the refining industry and operates under the well-known CITGO brand. CITGO owns and operates three refineries located in Lake Charles, LA; Lemont, IL; and Corpus Christi, TX, and wholly and/or jointly owns 38 active terminals, six pipelines and three lubricants blending and packaging plants. With approximately 3,300 employees and a combined crude capacity of approximately 807,000 barrels-per-day (bpd), CITGO is positioned as one of the best-branded supplier companies in the industry.

At CITGO our people are our most important resource. Our core values are Safety, Integrity, Respect, Accountability, and Care.

Job Summary
The Risk Management Analyst is responsible for identifying, assessing, and managing cybersecurity risks across the organization's IT and OT environments. The analyst leads CITGO efforts in hardware / software and systems risk assessments, Risk Management, cybersecurity policy and procedure management, and cybersecurity governance. In this dynamic role, the employee oversees critical areas such as cyber risk assessments, policy and procedure rollout to system owners, and incident response planning, ensuring our business remains resilient and secure. As a key contributor, the employee collaborates with cross-functional teams to drive compliance initiatives, protect sensitive data, and help maintain the trust of CITGO’s information.

Minimum Qualifications

Required:

  • Bachelor’s degree and 8 years of experience; or associate’s degree and 10 years of experience; or high school diploma and 12 years of experience.
  • Awareness of emerging technologies and their associated risks.
  • Advanced analytical and problem-solving skills for assessing and prioritizing risks.
  • Compliance Standards: Familiarity with standards like ISO 27001 and NIST SP 800-53, 800-144 and 800-82.
  • IT and OT Risks: General knowledge of risks that impact IT and OT systems.
  • Supply Chain and Third-Party Cyber Risk Management (TPRM): Knowledge of best practices for TPRM, including highest priority risk mitigation practices.
  • Attention to Detail: Precision in managing risk assessments and governance to ensure adherence to compliance standards.

Preferred:

  • CISSP, CRISC or other security or compliance certifications.

Job Duties

  1. Comprehensive Infrastructure Risk Assessment:
    1. Conduct regular and thorough cybersecurity risk assessments across the organization's entire IT and OT infrastructure, including networks, cloud environments, data centers, endpoints, IoT devices, and software applications.
    2. Ensure risk assessments are aligned with industry frameworks like NIST and CIS Controls to identify and prioritize risks.
    3. Regularly review security configurations and controls for effectiveness and compliance with organizational policies and external regulations (e.g., GDPR, CCPA, PCI DSS).
    4. Assist in evaluating cybersecurity risks posed by third-party vendors, contractors, and service providers, including supply chain risks.
    5. Perform regular assessments of exposure and coordinate security reviews ensuring adherence to organizational security standards.
  2. Hardware / Software Risk Assessments for IT and OT:
    1. Coordinates the risk assessment process, meeting with IT and Business Coordinators.
    2. Ensure the assessment process moves quickly to prevent delays in the implementation of new hardware and software.
    3. Utilize external threat platforms to assess other risks.
    4. Utilizes the GRC platform to control the assessment process.
  3. Governance Policy / Procedure Rollout to System Owners:
    1. Collaborate on developing policies, standards, and procedures to enhance risk management structure. Meets with system owners to review changes to policies, procedures, and controls.
    2. Meets with new system owners to review their responsibilities.
    3. Utilizes the GRC platform to control and document system owner responsibilities.
  4. Supply Chain and Third-Party Cyber Risk Management:
    1. Evaluate and collaborate with Legal and Procurement to ensure supply chain risk is mitigated.
    2. Utilize cyber risk platforms to document and follow up on 3rd party risk.
  5. Incident Response Plans (IRP):
    1. Responsible for maintaining the IT and OT IRP.
    2. Works with the Manager InfoSec and consultants to continuously update the IRP.
    3. Participate in tabletop exercises related to IT and OT IRPs.
Job Duties II

Job duties displayed above are not all-inclusive; site-specific responsibilities may be assigned.

Here are the incentives we offer:

• Remote Work options available for eligible positions
• Options are department and/or location specific
• 9/80 Work Schedule Option (where applicable)
• Annual Vacation Incentive (40-120 hours of additional pay) for Eligible Employees
• Paid Vacation Time
• Company-Paid Holidays
• Caregiver Leave
• Excellent 401(k) Match
• Pension Plan
• Performance Incentive
• Company-Paid Sick Leave and Long-Term Disability
• Medical, Dental, & Vision Plans; FSA and HSA options
• Company-Paid Life Insurance for Active Employees
• Healthy Rewards Program
• Service Awards Program
• Educational Assistance Plan
• Dependent Children Scholarships
• Reimbursement for Gym Membership
• Employee Discount Programs
• On-site Health Clinic (select locations)
• On-site Cafeteria (select locations)
• On-site Credit Union and ATM (Corporate office only)
• On-site Fitness Center (select locations)


PLEASE NOTE ALL JOBS DO NOT QUALIFY FOR ALL PERKS

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.

Requisition ID - 1920 

