
Technology Risk Manager Jobs in Boston, MA (NOW HIRING)

Understand the impact of key technology trends and workforce changes impacting our clients through ... Credit Risk, Liquidity Risk, Market Risk, Capital Management/Stress Testing * Knowledge of ...

Required: • 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. • Demonstrated experience conducting structured cybersecurity or ...

Reporting Relationships: * IT Risk and Compliance Manager Key Contacts: * Works closely with the Legal and Business Unit stakeholders. * This role will work with the clients in response to security ...

QUALIFICATIONS: * 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field. * Demonstrated experience conducting structured cybersecurity or ...

Technology Risk Manager information

Boston, MA salary details: $56K / $121.2K / $184.7K

How much do technology risk manager jobs pay per year?

As of Jun 20, 2026, the average yearly pay for technology risk manager in Boston, MA is $121,195.00, according to ZipRecruiter salary data. Most workers in this role earn between $97,800.00 and $140,100.00 per year, depending on experience, location, and employer.

What is the difference between Technology Risk Manager vs Cybersecurity Analyst?

Aspect | Technology Risk Manager | Cybersecurity Analyst
Certifications | CRISC, CISSP, CISA | CISSP, CEH, Security+
Work Environment | Risk assessment, policy development, compliance | Monitoring security threats, incident response, vulnerability analysis
Industry Usage | Financial, healthcare, technology firms | IT security teams, government agencies, corporations

The Technology Risk Manager focuses on identifying and mitigating overall technology risks and ensuring compliance, while the Cybersecurity Analyst concentrates on protecting systems from security threats and responding to incidents. Both roles require similar certifications and often work within the same industries, but their core responsibilities differ in scope and focus.

What are some common challenges Technology Risk Managers face when working across different departments?

Technology Risk Managers often encounter challenges in aligning risk management strategies with the priorities of various business units. Departments may have differing levels of risk tolerance, technical understanding, and resource availability, which can make establishing consistent policies and controls difficult. Success in the role relies on strong communication and negotiation skills, as well as the ability to educate stakeholders about the importance of risk mitigation while balancing business objectives. Building collaborative relationships and maintaining flexibility are key to overcoming these cross-departmental challenges.

What are the key skills and qualifications needed to thrive as a Technology Risk Manager, and why are they important?

To thrive as a Technology Risk Manager, you need expertise in risk assessment, cybersecurity principles, and regulatory compliance, often supported by a degree in information security or a related field. Familiarity with risk management frameworks (such as NIST or ISO 27001) and GRC (governance, risk, and compliance) tools, along with certifications like CISM or CISSP, is typically required. Strong analytical thinking, communication, and stakeholder management skills help you translate technical risks into business terms and coordinate mitigation efforts. These abilities are critical to proactively identifying threats and ensuring organizational resilience against evolving technology risks.

What are Technology Risk Managers?

Technology Risk Managers are professionals responsible for identifying, assessing, and mitigating risks associated with information technology systems and processes within an organization. They ensure that IT operations comply with regulations and best practices while safeguarding data and technology assets from threats such as cyberattacks, data breaches, and system failures. Their work involves developing risk management strategies, conducting risk assessments, and collaborating with other departments to ensure the organization's technology infrastructure is secure and resilient.
Infographic showing various Technology Risk Manager job openings in Boston, MA as of June 2026, with employment types broken down into 1% As Needed, 88% Full Time, 7% Part Time, 1% Temporary, and 3% Contract. Highlights a 92% Physical, 2% Hybrid, and 6% Remote job distribution, with an average salary of $121,195 per year, or $58.3 per hour.

Principal Technology Risk Analyst

Fidelity Investments

Boston, MA • On-site

$140K - $150K/yr

Full-time

Posted 9 days ago


Fidelity Investments rating

Company rating: 8.7 out of 10

Based on 264 frontline employees who took The Breakroom Quiz

14th of 138 rated financial services


Job description

Position Description:
***Applicants are permitted to work remotely from an at-home worksite anywhere in the United States.***
Facilitates all external audit activity related to financial reporting, independent controls attestation, and compliance with regulatory requirements. Performs proactive risk assessments and develops control strategies for emerging technologies, including AI, Machine Learning, and Snowflake data services. Runs external audits and technology risk support for inquiries from technology and operational stakeholders. Supports systems and technology for external audit activity, including attestation and financial statement audits.
Primary Responsibilities:
  • Enhances the external audit program activities focused on key technology areas, including DevOps, Cloud, and Technology Operations.
  • Coordinates external auditor readiness engagements and readiness assessments, and provides timely status updates to management.
  • Plans and coordinates audit cycles with external auditors and internal stakeholders.
  • Facilitates requests from external auditors and monitors progress to ensure timely completion.
  • Performs technology risk assessments and develops control strategies, including documenting controls, identifying potential gaps and inconsistencies, and making recommendations for improvement and mitigation.
  • Provides technical assistance on risk-related systems issues.
  • Serves as a liaison with technology and risk teams to track external audit findings and perform issues follow-up.
  • Consults with other team members to generate action plans and resolve technical issues.
  • Assesses the various information technology risks that the business faces in its operations and implements action plans, policy, and procedural changes for risk avoidance and mitigation.
  • Evaluates control maturity by performing control design and operating effectiveness reviews and peer reviews.
  • Assists with conducting Cloud Risk assessments and readiness reviews for applications and workloads migrating to the public Cloud environment.

Education and Experience:
Bachelor's degree in Computer Science, Engineering, Information Technology, Information Systems, Management Information Systems, or a closely related field (or foreign education equivalent) and five (5) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing Information Technology (IT) audits, risk assessments, and cybersecurity control reviews.
Or, alternatively, Master's degree in Computer Science, Engineering, Information Technology, Information Systems, Management Information Systems, or a closely related field (or foreign education equivalent) and three (3) years of experience as a Principal Technology Risk Analyst (or closely related occupation) performing Information Technology (IT) audits, risk assessments, and cybersecurity control reviews.
Skills and Knowledge:
Candidate must also possess:
  • Demonstrated Expertise ("DE") performing or coordinating external audit engagements (SOC 1, SOC 2, SOC 3, controls attestation reports, financial audits, ISO 27001, or COBIT external IT audit programs) in distributed environments; and maintaining in-scope IT General Control (ITGCs) and IT Application (ITAC) documentation and procedures.
  • DE performing an IT controls assurance program -- identifying and designing new controls, evaluating control procedures and evidence documentation, and conducting control assessments through formal design and operating effectiveness reviews; and establishing control maturity and control/process enhancements using industry control frameworks - AICPA Trust Service Criteria, HITRUST, ISO 27001 certification standard, or NIST Cybersecurity frameworks.
  • DE performing risk management and IT audits, and implementing ITGC or cybersecurity controls for large-scale, complex IT infrastructures, including mainframe, distributed, network, cloud, and vendor-hosted (SaaS/PaaS) infrastructure; reviewing vendors' independent SOC 1 or SOC 2 audit reports to confirm the appropriate controls are in place for the services provided and to safeguard data; and creating executive communications focusing on risk, impact, and corrective actions, using Governance, Risk, and Compliance (GRC) tools.
  • DE performing risk assessments and IT audits of secure software development lifecycle processes and procedures -- automated build and deployment pipelines in a DevOps solutions framework, using GitHub, SonarQube, Jenkins, Artifactory, or uDeploy; and assessing software development controls, identifying potential gaps and inconsistencies, and making recommendations for improvement and mitigation.

Salary: $140,000.00 - $150,000.00/year.
Category: Information Technology
Please be advised that Fidelity's business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.
