Risk Manager
Rockville, MD ยท On-site
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
Risk Manager
Rockville, MD ยท On-site
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
Risk Manager
$155K - $165K/yr
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
Quick apply
Risk Manager
$155K - $165K/yr
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
CVP is seeking an Cybersecurity Risk Manager for a large government agency enterprise-level ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
CVP is seeking an Cybersecurity Risk Manager for a large government agency enterprise-level ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
Risk Manager
Rockville, MD ยท On-site
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
Risk Manager
Rockville, MD ยท On-site
The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the ... The Contractor shall comply with all agency IT security and Privacy policies and standards ...
Senior Manager, Technology Risk Guide - Enterprise Services Risk The Enterprise Services Risk organization is expanding with a focus on attracting innovative, pioneering, collaborative, and highly ...
Senior Manager, Technology Risk Guide - Enterprise Services Risk The Enterprise Services Risk organization is expanding with a focus on attracting innovative, pioneering, collaborative, and highly ...
Technology Operations Risk Senior
Mclean, VA ยท On-site
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
Technology Operations Risk Senior
Mclean, VA ยท On-site
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
Senior Manager, Technology Risk Guide - Enterprise Services Risk The Enterprise Services Risk organization is expanding with a focus on attracting innovative, pioneering, collaborative, and highly ...
Senior Manager, Technology Risk Guide - Enterprise Services Risk The Enterprise Services Risk organization is expanding with a focus on attracting innovative, pioneering, collaborative, and highly ...
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
Technology Risk Management (TRM)'s second line of defense function is a growing organization focused on providing expert advice, credible challenge, and effective advisory and oversight of technology ...
Technology Risk Management (TRM)'s second line of defense function is a growing organization focused on providing expert advice, credible challenge, and effective advisory and oversight of technology ...
Risk Manager
Mclean, VA ยท On-site
Collaborate effectively with senior leadership across organizations such as Operational Risk Management, Compliance, Legal, Technology, Internal Audit, Regulatory Relations, etc. Basic Qualifications:
Risk Manager
Mclean, VA ยท On-site
Collaborate effectively with senior leadership across organizations such as Operational Risk Management, Compliance, Legal, Technology, Internal Audit, Regulatory Relations, etc. Basic Qualifications:
IT Risk and Compliance Professional
$106.50K - $107K/yr
Bachelor's degree in accounting, accounting information systems or computer science. * 5 or more years of IT internal/external audit experience (internal audit or risk management experience with a ...
IT Risk and Compliance Professional
$106.50K - $107K/yr
Bachelor's degree in accounting, accounting information systems or computer science. * 5 or more years of IT internal/external audit experience (internal audit or risk management experience with a ...
IT Risk and Compliance Professional
Washington, DC ยท On-site
$106.50K - $107K/yr
Bachelor's degree in accounting, accounting information systems or computer science. * 5 or more years of IT internal/external audit experience (internal audit or risk management experience with a ...
IT Risk and Compliance Professional
Washington, DC ยท On-site
$106.50K - $107K/yr
Bachelor's degree in accounting, accounting information systems or computer science. * 5 or more years of IT internal/external audit experience (internal audit or risk management experience with a ...
IT Risk and Compliance Professional
$106.50K - $107K/yr
Bachelor's degree in accounting, accounting information systems or computer science. * 5 or more years of IT internal/external audit experience (internal audit or risk management experience with a ...
IT Risk and Compliance Professional
$106.50K - $107K/yr
Bachelor's degree in accounting, accounting information systems or computer science. * 5 or more years of IT internal/external audit experience (internal audit or risk management experience with a ...
Collaborate effectively with senior leadership across organizations such as Operational Risk Management, Compliance, Legal, Technology, Internal Audit, Regulatory Relations, etc. Basic Qualifications:
Collaborate effectively with senior leadership across organizations such as Operational Risk Management, Compliance, Legal, Technology, Internal Audit, Regulatory Relations, etc. Basic Qualifications:
Sr. Manager, Cyber Risk & Analysis | Retail Bank Premium Products & Experiences
Mclean, VA ยท On-site
Manage end to end tech and cyber risk management - from defining policies and procedures, performing assessments, tracking remediation activities, to closing risk findings * Rationalize tech and ...
Sr. Manager, Cyber Risk & Analysis | Retail Bank Premium Products & Experiences
Mclean, VA ยท On-site
Manage end to end tech and cyber risk management - from defining policies and procedures, performing assessments, tracking remediation activities, to closing risk findings * Rationalize tech and ...
Risk Manager, Senior Category: Leadership and Management Roles Main location: United States ... You must have a passion for keeping pace with rapidly evolving technology advancements and ...
Risk Manager, Senior Category: Leadership and Management Roles Main location: United States ... You must have a passion for keeping pace with rapidly evolving technology advancements and ...
Understand the impact of key technology trends and workforce changes impacting our clients through ... Credit Risk, Liquidity Risk, Market Risk, Capital Management/Stress Testing * Knowledge of ...
Understand the impact of key technology trends and workforce changes impacting our clients through ... Credit Risk, Liquidity Risk, Market Risk, Capital Management/Stress Testing * Knowledge of ...
Program Risk Manager
Herndon, VA ยท On-site
$86K - $138K/yr
Develop, maintain, and execute the Program Risk Management Plan and procedures aligned with PMO ... As the world's leading mission capability integrator and transformative enterprise IT provider, we ...
Program Risk Manager
Herndon, VA ยท On-site
$86K - $138K/yr
Develop, maintain, and execute the Program Risk Management Plan and procedures aligned with PMO ... As the world's leading mission capability integrator and transformative enterprise IT provider, we ...
Program Risk Manager
Herndon, VA ยท On-site
$86K - $138K/yr
Develop, maintain, and execute the Program Risk Management Plan and procedures aligned with PMO ... As the world's leading mission capability integrator and transformative enterprise IT provider, we ...
Program Risk Manager
Herndon, VA ยท On-site
$86K - $138K/yr
Develop, maintain, and execute the Program Risk Management Plan and procedures aligned with PMO ... As the world's leading mission capability integrator and transformative enterprise IT provider, we ...
Technology Risk Manager information
See Washington, DC salary details
$58.2K - $70.3K
4% of jobs
$70.3K - $82.5K
6% of jobs
$82.5K - $94.6K
11% of jobs
$99.2K is the 25th percentile. Wages below this are outliers.
$94.6K - $106.8K
11% of jobs
The median wage is $116.5K / yr.
$106.8K - $119K
23% of jobs
$119K - $131.1K
13% of jobs
$139.2K is the 75th percentile. Wages above this are outliers.
$131.1K - $143.3K
12% of jobs
$143.3K - $155.5K
8% of jobs
$155.5K - $167.6K
6% of jobs
$167.6K - $179.8K
4% of jobs
$179.8K - $192K
2% of jobs
$58.2K
$126K
$192K
How much do technology risk manager jobs pay per year?
As of May 29, 2026, the average yearly pay for technology risk manager in Washington, DC is $125,970.00, according to ZipRecruiter salary data. Most workers in this role earn between $101,600.00 and $145,700.00 per year, depending on experience, location, and employer.
What are the key skills and qualifications needed to thrive as a Technology Risk Manager, and why are they important?
To thrive as a Technology Risk Manager, you need expertise in risk assessment, cybersecurity principles, and regulatory compliance, often supported by a degree in information security or related fields. Familiarity with risk management frameworks (such as NIST or ISO 27001), GRC (governance, risk, and compliance) tools, and certifications like CISM or CISSP are typically required. Strong analytical thinking, communication, and stakeholder management skills help you translate technical risks into business terms and coordinate mitigation efforts. These abilities are critical to proactively identifying threats and ensuring organizational resilience against evolving technology risks.
What are some common challenges Technology Risk Managers face when working across different departments?
Technology Risk Managers often encounter challenges in aligning risk management strategies with the priorities of various business units. Departments may have differing levels of risk tolerance, technical understanding, and resource availability, which can make establishing consistent policies and controls difficult. Success in the role relies on strong communication and negotiation skills, as well as the ability to educate stakeholders about the importance of risk mitigation while balancing business objectives. Building collaborative relationships and maintaining flexibility are key to overcoming these cross-departmental challenges.
What are Technology Risk Managers?
Technology Risk Managers are professionals responsible for identifying, assessing, and mitigating risks associated with information technology systems and processes within an organization. They ensure that IT operations comply with regulations and best practices while safeguarding data and technology assets from threats such as cyberattacks, data breaches, and system failures. Their work involves developing risk management strategies, conducting risk assessments, and collaborating with other departments to ensure the organization's technology infrastructure is secure and resilient.
What is the difference between Technology Risk Manager vs Cybersecurity Analyst?
| Aspect | Technology Risk Manager | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISA | CISSP, CEH, Security+ |
| Work Environment | Risk assessment, policy development, compliance | Monitoring security threats, incident response, vulnerability analysis |
| Industry Usage | Financial, healthcare, technology firms | IT security teams, government agencies, corporations |
The Technology Risk Manager focuses on identifying and mitigating overall technology risks and ensuring compliance, while the Cybersecurity Analyst concentrates on protecting systems from security threats and responding to incidents. Both roles require similar certifications and often work within the same industries, but their core responsibilities differ in scope and focus.
Job description
Overview
CVP is seeking an Cybersecurity Risk Managerย for a large government agency enterprise-level cybersecurity program. The Cybersecurity Risk Manager will work directly with the Cybersecurity Program Manager and the agency's CIO and CISO in cybersecurity tasks such as information security policy development and implementation; security compliance monitoring; security audit management; risk assessment; system authorization; security reporting; and other information security-related tasks.
Responsibilities- Identify, evaluate, and develop strategies for handling risks to reduce information security and privacy risk across the agency.
- Provide recommendations, guidance, planning, and implementation support for agency risk management activities and tools, and provide support as needed to enhance the agency's Information Security Program related to governance, optimizations, automation, and supporting tools.
- Developing an agency Information Security Risk Management Strategy in accordance with the latest released versions of NIST Special Publications (SPs) such as SP 800-37, Risk Management Framework for Information Systems and Organizations and SP 800-39, Managing Information Security Risk (as revised).
- Conducting an enterprise risk assessment and developing an agency Information Security Risk Assessment Report that addresses all findings from the assessment
- Developing an agency Privacy and Security Roadmap that recommends privacy and information security capabilities based on risks identified in the agency's Information Security Risk Assessment Report
- Developing an agency Information Security Risk Management Plan that addresses how the agency will implement and perform risk management activities regarding risk tolerance, risk assessment, risk response, risk monitoring, and risk capabilities
- Providing risk management guidance to the agency offices for A&A activities as required, ensuring continuous risk monitoring of information security control implementation effectiveness and required information security compliance requirements
- Support the Information Security and Assurance Office (ISAO) in implementing and overseeing the organization's information security risk management and security assessment and authorization (A&A) activities.
- Advise the agency on how best to tailor the revised A&A process to handle non-traditional technologies including, but not limited to, cloud, mobile, and Internet of Things.
- Provide the agency recommendations on how it can continuously monitor and assess the security posture of agency information systems over time and alert agency decision makers when an information system presents an increased risk or eminent threat to agency data and/or operations.
- Develop guidance, templates, other tools, and advice to the program offices to support their risk management and ATO activities.
- Provide risk management and information security continuous monitoring program implementation recommendations to program offices
- Track and review Plans of Actions and Milestones (POA&Ms) agency-wide to identify areas of risk as a result of unimplemented POA&Ms, a buildup of risk-based decisions, or other cross-cutting issues observed as a result of its risk management support.
- Track the A&A status for all divisions and programs that have information systems to validate they meet the requirements to protect the agency's data and operations.
- Develop the required artifacts to complete security accreditation packages for OCIO information systems and perform any required assessments, as requested. The Contractor shall provide oversight and advisory support to agency program office personnel for completion of information system A&A packages, as requested.
- Follow NIST Federal Information Processing Standards (FIPS) and Special Publications (SPs) to include, but not limited to, FIPS 199 and 200, SP 800-39, SP 800-37, SP 800-137, SP 800-60, SP 800-53, SP 800-53A, SP 800-34, SP 800-30, and SP 800-18. The Contractor shall comply with all agency IT security and Privacy policies and standards including, and the agency Privacy Impact Assessment (PIA) requirements and associated templates.
- Minimum of six years' experience in cybersecurity. 10+ years' experience is preferred.
- Minimum of six years' experience leading and delivering in FISMA-based and FedRAMP Assessment and Authorization (A&A) programs for comparably sized federal agencies and programs. Seven plus years' experience is preferred.
- Shall have at least one of the following industry-recognized certifications:
- Certified Information System Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
- Familiarity with Information Technology Infrastructure Library (ITIL) Foundation Compliance (GRC) tool, continuous monitoring, and vulnerability management tools or services. Note: NIH currently uses CSAM.
- Demonstrated experience managing cybersecurity teams including personnel, workload, priorities, scheduling, and risks.
- Proven experience bringing innovative approaches to help reduce the FISMA workload and time to authorization/reauthorization through such methods as boundary consolidation, common control identification and re-use, automation, assessment readiness reviews, and digital transformation.
Desired Skills
- PMP Certification
- CISSP Certification
- Experience with Security Assessment Tools (Tenable Nessus, DBProtect, Wireshark, WebInspect)
- NIH/HHS experience
Location
- Rockville, MD (Hybrid)
Salary Band: $155-165k (Depending on experience)
About CVP
CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation.CVP is an Equal Opportunity Employer dedicated to actively recruiting individuals and providing advancement opportunities based on merit and legitimate job qualifications. We ensure that all associates receive equal opportunities based on their personal qualifications and job requirements. CVP strictly prohibits any form of discrimination or harassment.At CVP, we cultivate a work environment that encourages fairness, teamwork, and respect among all associated. We are committed to maintaining a workplace where everyone can grow both personally and professionally.
Employment Type: FULL_TIME
About Customer Value Partners
Sourced by ZipRecruiter
Company size
51 - 200 Employees
Headquarters location
Fairfax, VA, US
Year founded
2002