Software Risk Manager C2C jobs in Lawrence, MA or San Francisco, CA (Hybrid) with Virtusa

Software Risk Manager – Hybrid role in Lawrence, MA or San Francisco, CA area. Local candidates are preferred. 

Contract 

 

Software Risk Manager Job Description:

The Software Risk Manager is responsible for identifying, assessing, mitigating, and continuously monitoring risks associated with software development, deployment, integration, and operations. This role operates at the intersection of engineering, cybersecurity, compliance, product management, and enterprise risk to ensure software systems meet regulatory, security, operational, and business continuity standards.

The position requires deep understanding of SDLC governance, third-party risk, secure architecture principles, and operational resilience frameworks.

Software Risk Governance

  • Establish and maintain a formal software risk management framework aligned to enterprise risk standards.
  • Define risk taxonomy specific to software engineering, DevOps, cloud architecture, AI/ML systems, and third-party integrations.
  • Develop and enforce risk control policies across the SDLC.
  • Maintain software risk register and risk heat maps.

Risk Identification & Assessment

  • Conduct risk assessments for:
    • New software initiatives
    • Major releases
    • IoT connected devices
    • Third-party software integrations
  • Perform architecture risk reviews.
  • Lead threat modeling exercises.
  • Evaluate systemic, operational, security, and compliance risks.

SDLC & DevSecOps Integration

  • Embed risk controls within Agile, or DevOps workflows.
  • Collaborate with engineering leadership to implement secure-by-design and privacy-by-design principles.
  • Ensure code review, vulnerability scanning, and penetration testing processes are enforced.
  • Validate CI/CD pipelines include appropriate risk gates.

Regulatory & Compliance Alignment

  • Align software controls with relevant frameworks such as:
  • Support internal and external audits.
  • Maintain documentation for regulatory reviews.

Third-Party & Vendor Risk (not part of device scope, but for future)

  • Assess software vendors and SaaS platforms for:
    • Security posture
    • Data protection controls
    • Operational resilience
    • Financial stability risk
  • Coordinate due diligence reviews and ongoing monitoring.

Incident & Issue Management (this is closer to system risk and not needed for this role as we have a system risk manager)

  • Participate in post-incident root cause analysis.
  • Evaluate control breakdowns.
  • Recommend systemic remediation actions.
  • Track risk treatment plans to closure.

 

 

Neha Chaudhary
Team Lead – Recruitment
e: neha.chaudhary@compunnel.com 


About Author

I’m Monica Kerry, a passionate SEO and Digital Marketing Specialist with over 9 years of experience helping businesses grow their online presence. From SEO strategy, keyword research, content optimization, and link building to social media marketing and PPC campaigns, I specialize in driving organic traffic, boosting rankings, and increasing conversions. My mission is to empower brands with result-oriented digital marketing solutions that deliver measurable success.
