1

Technology Risk Manager Jobs in Massachusetts (NOW HIRING)

IT Risk & Compliance Analyst

Andover, MA · On-site +1

$95K - $95K/yr

This position reports to the Manager, IT Risk & Compliance. This role is remote and may be based anywhere within the United States. Primary Job Duties and Responsibilities * Coordinate IT compliance, ...

Understand the impact of key technology trends and workforce changes impacting our clients through ... Credit Risk, Liquidity Risk, Market Risk, Capital Management/Stress Testing * Knowledge of ...

Required : • 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. • Demonstrated experience conducting structured cybersecurity or ...

next page

Showing results 1-20

Technology Risk Manager information

See Massachusetts salary details

$56.2K

$121.8K

$185.7K

How much do technology risk manager jobs pay per year?

As of Jul 12, 2026, the average yearly pay for technology risk manager in Massachusetts is $121,833.00, according to ZipRecruiter salary data. Most workers in this role earn between $98,300.00 and $140,900.00 per year, depending on experience, location, and employer.

What is the difference between Technology Risk Manager vs Cybersecurity Analyst?

AspectTechnology Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISACISSP, CEH, Security+
Work EnvironmentRisk assessment, policy development, complianceMonitoring security threats, incident response, vulnerability analysis
Industry UsageFinancial, healthcare, technology firmsIT security teams, government agencies, corporations

The Technology Risk Manager focuses on identifying and mitigating overall technology risks and ensuring compliance, while the Cybersecurity Analyst concentrates on protecting systems from security threats and responding to incidents. Both roles require similar certifications and often work within the same industries, but their core responsibilities differ in scope and focus.

What are some common challenges Technology Risk Managers face when working across different departments?

Technology Risk Managers often encounter challenges in aligning risk management strategies with the priorities of various business units. Departments may have differing levels of risk tolerance, technical understanding, and resource availability, which can make establishing consistent policies and controls difficult. Success in the role relies on strong communication and negotiation skills, as well as the ability to educate stakeholders about the importance of risk mitigation while balancing business objectives. Building collaborative relationships and maintaining flexibility are key to overcoming these cross-departmental challenges.

What are the key skills and qualifications needed to thrive as a Technology Risk Manager, and why are they important?

To thrive as a Technology Risk Manager, you need expertise in risk assessment, cybersecurity principles, and regulatory compliance, often supported by a degree in information security or related fields. Familiarity with risk management frameworks (such as NIST or ISO 27001), GRC (governance, risk, and compliance) tools, and certifications like CISM or CISSP are typically required. Strong analytical thinking, communication, and stakeholder management skills help you translate technical risks into business terms and coordinate mitigation efforts. These abilities are critical to proactively identifying threats and ensuring organizational resilience against evolving technology risks.

What are Technology Risk Managers?

Technology Risk Managers are professionals responsible for identifying, assessing, and mitigating risks associated with information technology systems and processes within an organization. They ensure that IT operations comply with regulations and best practices while safeguarding data and technology assets from threats such as cyberattacks, data breaches, and system failures. Their work involves developing risk management strategies, conducting risk assessments, and collaborating with other departments to ensure the organization's technology infrastructure is secure and resilient.
What cities in Massachusetts are hiring for Technology Risk Manager jobs? Cities in Massachusetts with the most Technology Risk Manager job openings:
Infographic showing various Technology Risk Manager job openings in Massachusetts as of July 2026, with employment types broken down into 79% Full Time, 18% Part Time, 2% Temporary, and 1% Contract. Highlights an 85% Physical, 1% Hybrid, and 14% Remote job distribution, with an average salary of $121,833 per year, or $58.6 per hour.
Principal Technology Risk Analyst

Principal Technology Risk Analyst

Fidelity Investments

Boston, MA • On-site

$129K - $137K/yr

Full-time

Posted 2 days ago


Fidelity Investments rating

8.7

Company rating: 8.7 out of 10

Based on 266 frontline employees who took The Breakroom Quiz

17th of 148 rated financial services


Job description

Job Description:

Position Description:

Documents and communicates risk findings, while building data drive dashboards and trend reports to support leadership decision-making, using NIST, SOC, and COSO frameworks for governance, risk management, and compliance. Supports enterprise risk management by partnering with technology domains to assess the effectiveness of controls, implements automated monitoring and data analysis solutions to identify emerging risks, and informs proactive mitigation strategies. Identifies, assesses, and quantifies risks via data analytics, using MS Excel, SQL, Python, PowerBI and Tableau, and technical assessments (penetration testing, risk assessments, audits and vendor security assessments), enabling teams to proactively self-identify and remediate issues. Analyzes Key Performance Indicators (KPIs) to assess technology performance and optimize delivery models to improve scalability and operational efficiency. Develops plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure, and to meet emergency data processing needs.

Primary Responsibilities:

  • Collaborates across cross-functional teams to break down complex solutions, drive consensus, and align enterprise-wide strategies.

  • Monitors and reports security compliance on computing platforms including end user devices, critical enterprise APIs, server, and database systems to strengthen their protection against computer virus and other cyberattacks.

  • Conducts risk assessments and tests data processing systems to ensure the operational integrity and security measures.

  • Enables audit readiness and risk alignment by guiding technical teams through internal audits and risk assessments, to ensure control effectiveness and audit-ready documentation.

  • Builds risk monitoring solutions to detect emerging risk patterns, track control performance, and provide actionable insights for continuous improvement.

  • Collaborates with architects and engineering leads to define scalable, secure, and resilient controls across business units, embedding risk awareness into delivery practices.

  • Support strategic risk initiatives by communicating complex technical issues to leadership, fostering trust and a strong risk control culture.

  • Support operating model optimization by analyzing performance and risk metrics to identify inefficiencies and recommend improvements aligned with strategic goals.

Education and Experience:

Bachelor's degree in Computer Science, Engineering, Information Technology, Information Systems, Cybersecurity, or a closely related field (or foreign education equivalent) and five (5) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing IT audits, penetration testing, and risk assessments using Cloud security, operating system technologies, SecDevOps, networking and cybersecurity tools, and scripting and data analytics, in an Enterprise Technology domain.

Or, alternatively, Master's degree in Computer Science, Engineering, Information Technology, Information Systems, Cybersecurity, or a closely related field (or foreign education equivalent) and three (3) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing IT audits, penetration testing, and risk assessments using Cloud security, operating system technologies, SecDevOps, networking and cybersecurity tools, and scripting and data analytics, in an Enterprise Technology domain.

Skills and Knowledge:

Candidate must also possess:

  • Demonstrated Expertise ("DE") performing cybersecurity technology audit and risk analysis of applications within Cloud infrastructure environments (AWS and Azure services), using DivvyCloud, CloudDiscovery, Datadog, Snowflake, and SecureTrak; and performing cybersecurity assessments -- including system hardening, identity management, and data protection of server platforms (Linux, Unix, and Windows), databases (SQL, NoSQL, and Cloud-native), Mainframe TSS Z/OS, and IBM MQs -- using Microsoft Defender, Unix Shell scripting, Powershell Scripting, Splunk, and JSonar.

  • DE planning and executing data-driven risk identification and mitigation engagements for large-scale digital platforms, using Splunk Logging, PowerShell scripting, Python Scripting, MS Excel, PowerBI for data analytics and visualization, and AWS Cloudtrail.

  • DE evaluating end-to-end security of platforms and Continuous Integration and Continuous Delivery (CI/CD) pipelines (including penetration testing), using GitHub, Jenkins, CyberArk, HashiCorp Vault, and Artifactory.

Salary: $129,600.00 - $137,000.00/year.

#PE1M2

#LI-DNI

Certifications:Category:Information Technology

Please be advised that Fidelity's business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.


What Fidelity Investments employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom