Responsibilities : • Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Responsibilities : • Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
This role focuses on transforming how organizations manage IT risk, controls, and regulatory compliance through operating model optimization, advanced technology enablement, and integrated risk ...
This role focuses on transforming how organizations manage IT risk, controls, and regulatory compliance through operating model optimization, advanced technology enablement, and integrated risk ...
The Governance, Risk, and Compliance (GRC) team helps ensure technology and cybersecurity risks are identified, assessed, and communicated clearly across the organization. As a Senior Risk ...
Quick apply
The Governance, Risk, and Compliance (GRC) team helps ensure technology and cybersecurity risks are identified, assessed, and communicated clearly across the organization. As a Senior Risk ...
The Governance, Risk, and Compliance (GRC) team helps ensure technology and cybersecurity risks are identified, assessed, and communicated clearly across the organization. As a Senior Risk ...
The Governance, Risk, and Compliance (GRC) team helps ensure technology and cybersecurity risks are identified, assessed, and communicated clearly across the organization. As a Senior Risk ...
The Governance, Risk, and Compliance (GRC) team helps ensure technology and cybersecurity risks are identified, assessed, and communicated clearly across the organization. As a Senior Risk ...
The Governance, Risk, and Compliance (GRC) team helps ensure technology and cybersecurity risks are identified, assessed, and communicated clearly across the organization. As a Senior Risk ...
Your secondary responsibility within the Technology Risk Group, will be to assist the Vendor Risk Manager in supporting the Third Party Risk Assessment process. In this role, you will review the ...
Your secondary responsibility within the Technology Risk Group, will be to assist the Vendor Risk Manager in supporting the Third Party Risk Assessment process. In this role, you will review the ...
MD GRC Risk Management and Governance
Boston, MA · Hybrid
$170K - $282.50K/yr
Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and followthrough. * Oversee LOD and legal entity cyber risk reporting ...
MD GRC Risk Management and Governance
Boston, MA · Hybrid
$170K - $282.50K/yr
Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and followthrough. * Oversee LOD and legal entity cyber risk reporting ...
MD GRC Risk Management and Governance
Quincy, MA · Hybrid
$170K - $282.50K/yr
Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and followthrough. * Oversee LOD and legal entity cyber risk reporting ...
MD GRC Risk Management and Governance
Quincy, MA · Hybrid
$170K - $282.50K/yr
Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and followthrough. * Oversee LOD and legal entity cyber risk reporting ...
MD GRC Risk Management and Governance
Quincy, MA · On-site
$170K - $282.50K/yr
Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and follow-through. * Oversee LOD and legal entity cyber risk reporting ...
MD GRC Risk Management and Governance
Quincy, MA · On-site
$170K - $282.50K/yr
Serve as the primary cyber risk interface with Technology Risk Advisors (TRAs), coordinating inputs, challenge, outcomes, and follow-through. * Oversee LOD and legal entity cyber risk reporting ...
Technology Risk Remediation Governance Manager, Vice President
Quincy, MA · On-site
$120K - $210K/yr
Who we are looking for State Street Global Technology Services (GTS) is seeking a skilled and proven Technology Risk Remediation Governance Manager, Vice President to uplift its risk and regulatory ...
Technology Risk Remediation Governance Manager, Vice President
Quincy, MA · On-site
$120K - $210K/yr
Who we are looking for State Street Global Technology Services (GTS) is seeking a skilled and proven Technology Risk Remediation Governance Manager, Vice President to uplift its risk and regulatory ...
Who we are looking for State Street Global Technology Services (GTS) is seeking a skilled and proven Technology Risk Remediation Governance Manager, Vice President to uplift its risk and regulatory ...
Who we are looking for State Street Global Technology Services (GTS) is seeking a skilled and proven Technology Risk Remediation Governance Manager, Vice President to uplift its risk and regulatory ...
Senior IT Auditor Specialist
$102.20K - $134.30K/yr
Senior IT Auditor Specialist Location US-MA-Boston ID 2026-1147 Position Type Full-Time Additional ... You will play a crucial role in enhancing our risk and control culture and implementing sound ...
Senior IT Auditor Specialist
$102.20K - $134.30K/yr
Senior IT Auditor Specialist Location US-MA-Boston ID 2026-1147 Position Type Full-Time Additional ... You will play a crucial role in enhancing our risk and control culture and implementing sound ...
Senior IT Auditor Specialist
$102.20K - $134.30K/yr
You will play a crucial role in enhancing our risk and control culture and implementing sound ... Evaluate technology risks related to cloud platforms, data management, automation, and thirdparty ...
Senior IT Auditor Specialist
$102.20K - $134.30K/yr
You will play a crucial role in enhancing our risk and control culture and implementing sound ... Evaluate technology risks related to cloud platforms, data management, automation, and thirdparty ...
Senior IT Auditor Specialist
Boston, MA · On-site
$125K - $140K/yr
Conduct comprehensive risk-based IT audits covering IT general controls, application controls, infrastructure, cybersecurity, and technology processes supporting investment and fund operations.
Senior IT Auditor Specialist
Boston, MA · On-site
$125K - $140K/yr
Conduct comprehensive risk-based IT audits covering IT general controls, application controls, infrastructure, cybersecurity, and technology processes supporting investment and fund operations.
Technology Controls Assurance Programs, MD
Quincy, MA · On-site
$117.20K - $141.40K/yr
The candidate should have experience leading and executing a variety of technology risk and controls assurance programs against leading industry frameworks, preferably in highly regulated settings.
Technology Controls Assurance Programs, MD
Quincy, MA · On-site
$117.20K - $141.40K/yr
The candidate should have experience leading and executing a variety of technology risk and controls assurance programs against leading industry frameworks, preferably in highly regulated settings.
Technology Controls Assurance Programs, MD
Quincy, MA · On-site
$117.20K - $141.40K/yr
The candidate should have experience leading and executing a variety of technology risk and controls assurance programs against leading industry frameworks, preferably in highly regulated settings.
Technology Controls Assurance Programs, MD
Quincy, MA · On-site
$117.20K - $141.40K/yr
The candidate should have experience leading and executing a variety of technology risk and controls assurance programs against leading industry frameworks, preferably in highly regulated settings.
If you are a technology audit/risk professional who is looking to leverage and grow your technology skills, operate at the nexus of technology and business at a company that is leading a technology ...
If you are a technology audit/risk professional who is looking to leverage and grow your technology skills, operate at the nexus of technology and business at a company that is leading a technology ...
Senior AI Risk Advisor
Boston, MA · On-site +1
Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth ... The Senior AI Risk Advisor, under the direction of the Manager of Risk Operations, sits at the ...
Senior AI Risk Advisor
Boston, MA · On-site +1
Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth ... The Senior AI Risk Advisor, under the direction of the Manager of Risk Operations, sits at the ...
If yes, consider joining Baker Tilly (BT) as an IT Audit, Cybersecurity & Risk Manager (HITRUST) ! Our Risk Advisory practice provides a full spectrum of services to help our clients assess their ...
If yes, consider joining Baker Tilly (BT) as an IT Audit, Cybersecurity & Risk Manager (HITRUST) ! Our Risk Advisory practice provides a full spectrum of services to help our clients assess their ...
Cyber Strategy, Risk & Compliance - Senior Associate
Boston, MA · On-site
$77K - $202K/yr
The Opportunity As part of the Cyber, Strategy, Risk & Compliance team you are expected to design and develop cybersecurity and technology risk programs using industry frameworks and methodologies.
Cyber Strategy, Risk & Compliance - Senior Associate
Boston, MA · On-site
$77K - $202K/yr
The Opportunity As part of the Cyber, Strategy, Risk & Compliance team you are expected to design and develop cybersecurity and technology risk programs using industry frameworks and methodologies.
Technology Risk information
See Massachusetts salary details
$21.07 is the 25th percentile. Wages below this are outliers.
$15.75 - $21.67
28% of jobs
The median wage is $25.21 / hr.
$21.67 - $27.59
37% of jobs
$27.59 - $33.51
6% of jobs
$37.21 is the 75th percentile. Wages above this are outliers.
$33.51 - $39.43
6% of jobs
$39.43 - $45.35
12% of jobs
$45.35 - $51.27
0% of jobs
$51.27 - $57.18
0% of jobs
$57.18 - $63.10
8% of jobs
$63.10 - $69.02
0% of jobs
$69.02 - $74.94
0% of jobs
$74.94 - $80.86
2% of jobs
$15
$33
$80
How much do technology risk jobs pay per hour?
As of May 31, 2026, the average hourly pay for technology risk in Massachusetts is $33.13, according to ZipRecruiter salary data. Most workers in this role earn between $21.25 and $42.26 per hour, depending on experience, location, and employer.
What are the key skills and qualifications needed to thrive in Technology Risk, and why are they important?
To thrive in Technology Risk, you need a solid understanding of IT systems, cybersecurity principles, risk management frameworks, and often a degree in information technology or a related field. Familiarity with tools like GRC (Governance, Risk, and Compliance) platforms, vulnerability assessment software, and certifications such as CISA, CISSP, or CRISC are commonly required. Strong analytical thinking, attention to detail, and effective communication skills help professionals assess threats and convey complex risk issues to diverse stakeholders. These skills ensure organizations can proactively identify, assess, and mitigate technology risks to protect assets and maintain regulatory compliance.
What are some common challenges faced by professionals working in Technology Risk roles?
Professionals in Technology Risk often encounter challenges such as keeping up with rapidly evolving cyber threats, ensuring regulatory compliance across different jurisdictions, and effectively communicating technical risks to non-technical stakeholders. Balancing proactive risk mitigation with the need to support business innovation can also be demanding. Collaboration with IT, legal, and business units is essential to identify vulnerabilities and implement practical controls without hindering productivity.
What is Technology Risk?
Technology risk refers to the potential for losses or disruptions in an organization due to failures, vulnerabilities, or misuse of technology systems and infrastructure. Professionals in technology risk assess, manage, and mitigate risks related to cybersecurity, data privacy, IT systems, and compliance with regulations. Their work is crucial for protecting sensitive information, ensuring business continuity, and maintaining trust with clients and stakeholders.
What is the difference between Technology Risk vs Cybersecurity Analyst?
| Aspect | Technology Risk | Cybersecurity Analyst |
|---|---|---|
| Primary Focus | Identifying and managing technology-related risks to business operations | Protecting systems and data from cyber threats and attacks |
| Certifications | CRISC, CISSP, CISA | CISSP, CEH, Security+ |
| Work Environment | Risk management teams, compliance departments | Security operations centers, IT security teams |
| Industry Usage | Finance, healthcare, technology firms | Any industry with digital assets, especially finance and government |
Technology Risk professionals focus on assessing and mitigating risks associated with technology systems and processes, ensuring compliance and reducing potential disruptions. Cybersecurity Analysts primarily work to defend systems from cyber threats, focusing on security measures and incident response. While both roles involve technology and security, their core objectives and daily tasks differ significantly.
What are the most commonly searched types of Technology Risk jobs in Massachusetts? The most popular types of Technology Risk jobs in Massachusetts are:
What are popular job titles related to Technology Risk jobs in Massachusetts? For Technology Risk jobs in Massachusetts, the most frequently searched job titles are:
What job categories do people searching Technology Risk jobs in Massachusetts look for? The top searched job categories for Technology Risk jobs in Massachusetts are:
What cities in Massachusetts are hiring for Technology Risk jobs? Cities in Massachusetts with the most Technology Risk job openings:
Job description
Job Summary:
WHOOP is on a mission to unlock human performance and extend healthspan. The Senior Risk & Compliance Analyst will support the design and execution of the cyber risk management program, leading risk assessments and collaborating with various stakeholders to identify and mitigate technology and cybersecurity risks.
Responsibilities:
• Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control effectiveness, and residual risk.
• Maintain and operate the enterprise cyber risk register, including drafting risk statements, tracking mitigation plans, and supporting governance and reporting processes.
• Translate technical findings, architectural concerns, and control gaps into clear business risk scenarios that support prioritization and decision-making.
• Support and help mature quantitative cyber risk analysis approaches such as FAIR to improve how risk is measured and communicated.
• Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting.
• Partner with Security Architecture to assess risk in system designs, cloud architecture, identity models, data flows, and platform changes.
• Collaborate with Security Engineering, Product Security, Legal, IT, and business teams to evaluate new initiatives, technology changes, artificial intelligence use cases, and third-party integrations through a risk lens.
• Conduct risk assessments for emerging technologies including artificial intelligence and machine learning systems, evaluating data usage, model behavior, external dependencies, and security implications.
• Evaluate risks associated with the use of artificial intelligence technologies, including model behavior, data exposure, prompt or input manipulation, and external model dependencies.
• Develop dashboards and reporting that provide leadership with visibility into key cybersecurity risks and trends.
• Track mitigation progress and risk treatment activities to ensure accountability and clear documentation of outcomes.
• Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program.
Qualifications:
Required:
• 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field.
• Demonstrated experience conducting structured cybersecurity or IT risk assessments.
• Experience maintaining risk registers and tracking risk mitigation or treatment activities.
• Strong understanding of security frameworks such as NIST CSF, ISO 27001, or PCI DSS, and familiarity with regulatory environments such as GDPR, HIPAA or other privacy and data protection requirements.
• Ability to translate technical findings into clear business risk for non-technical stakeholders.
• Strong written and verbal communication skills with experience presenting findings to cross-functional teams.
• Experience working with engineering, architecture, legal, compliance, and business stakeholders.
• Experience assessing risks related to artificial intelligence, machine learning systems, or emerging technologies, including familiarity with emerging AI governance frameworks such as NIST AI RMF, ISO/IEC 42001, or similar standards.
Preferred:
• Professional certifications such as CRISC, CISSP, CISM, CISA, or CGRC are a plus.
Company:
WHOOP provides wearable fitness technology and a subscription platform that tracks physiological data for health and performance insights. Founded in 2012, the company is headquartered in Boston, USA, with a team of 501-1000 employees. The company is currently Late Stage.
WHOOP is on a mission to unlock human performance and extend healthspan. The Senior Risk & Compliance Analyst will support the design and execution of the cyber risk management program, leading risk assessments and collaborating with various stakeholders to identify and mitigate technology and cybersecurity risks.
Responsibilities:
• Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control effectiveness, and residual risk.
• Maintain and operate the enterprise cyber risk register, including drafting risk statements, tracking mitigation plans, and supporting governance and reporting processes.
• Translate technical findings, architectural concerns, and control gaps into clear business risk scenarios that support prioritization and decision-making.
• Support and help mature quantitative cyber risk analysis approaches such as FAIR to improve how risk is measured and communicated.
• Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting.
• Partner with Security Architecture to assess risk in system designs, cloud architecture, identity models, data flows, and platform changes.
• Collaborate with Security Engineering, Product Security, Legal, IT, and business teams to evaluate new initiatives, technology changes, artificial intelligence use cases, and third-party integrations through a risk lens.
• Conduct risk assessments for emerging technologies including artificial intelligence and machine learning systems, evaluating data usage, model behavior, external dependencies, and security implications.
• Evaluate risks associated with the use of artificial intelligence technologies, including model behavior, data exposure, prompt or input manipulation, and external model dependencies.
• Develop dashboards and reporting that provide leadership with visibility into key cybersecurity risks and trends.
• Track mitigation progress and risk treatment activities to ensure accountability and clear documentation of outcomes.
• Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program.
Qualifications:
Required:
• 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field.
• Demonstrated experience conducting structured cybersecurity or IT risk assessments.
• Experience maintaining risk registers and tracking risk mitigation or treatment activities.
• Strong understanding of security frameworks such as NIST CSF, ISO 27001, or PCI DSS, and familiarity with regulatory environments such as GDPR, HIPAA or other privacy and data protection requirements.
• Ability to translate technical findings into clear business risk for non-technical stakeholders.
• Strong written and verbal communication skills with experience presenting findings to cross-functional teams.
• Experience working with engineering, architecture, legal, compliance, and business stakeholders.
• Experience assessing risks related to artificial intelligence, machine learning systems, or emerging technologies, including familiarity with emerging AI governance frameworks such as NIST AI RMF, ISO/IEC 42001, or similar standards.
Preferred:
• Professional certifications such as CRISC, CISSP, CISM, CISA, or CGRC are a plus.
Company:
WHOOP provides wearable fitness technology and a subscription platform that tracks physiological data for health and performance insights. Founded in 2012, the company is headquartered in Boston, USA, with a team of 501-1000 employees. The company is currently Late Stage.
About Whoop
Sourced by ZipRecruiter
At WHOOP, we're on a mission to unlock human performance. WHOOP empowers users (Olympians, Professional Athletes, Fitness Enthusiasts, etc) to perform at a higher level through a deeper understanding of their bodies and daily lives.
Industry
Fitness and sports centers
Company size
501 - 1,000 Employees
Headquarters location
Boston, MA, US
Year founded
2012