Strayer University Logo

Strayer University

Principal IT Risk Management Analyst

Posted Yesterday
Be an Early Applicant
Remote
Hiring Remotely in USA
119K-179K Annually
Senior level
Remote
Hiring Remotely in USA
119K-179K Annually
Senior level
Lead and advance the enterprise IT risk management program by identifying, quantifying, and managing technology risks. Conduct complex risk assessments using NIST CSF and CIS Controls, maintain the IT risk register, drive mitigation and exception processes, build KRIs and executive reporting, enable GRC platforms and automation, and mentor junior analysts while translating technical risk into business context for leadership.
The summary above was generated by AI
At Strategic Education Inc., our mission is to enable economic mobility through education. Through our portfolio of institutions and learning solutions, we serve working adult learners by improving affordability, engagement, and workforce readiness. This mission guides our approach to technology, cybersecurity, and risk management.
The Principal IT Risk Management Analyst is a senior leader responsible for advancing the organization's IT risk management program. This is not a compliance or audit role. The successful candidate will have deep experience identifying, assessing, quantifying, and managing technology risk, along with the technical understanding needed to evaluate security controls, identify technology risks, and engage effectively with cybersecurity, engineering, and architecture teams. While the role does not require designing technical solutions or interpreting detailed system configurations, it does require the ability to understand how technology decisions, vulnerabilities, and control weaknesses translate into organizational risk and business impact.
This role drives strategy, leads complex technology risk assessments, and partners across the enterprise to ensure technology risks are effectively identified, measured, managed, and communicated in alignment with organizational risk appetite and tolerance. Success in this role requires the ability to translate technical risk into meaningful business context for executive leadership.

Essential Duties & Responsibilities 

Strategic Leadership 

  • Lead and evolve the IT security risk management program in alignment with organizational goals, risk appetite, and risk tolerance 

  • Partner with executive leadership to shape risk strategy and drive enterprise-wide adoption 

  • Serve as a key advisor on risk posture, translating technical findings into strategic business decisions 

Risk Assessment & Analysis 

  • Identify, assess, and quantify technology risks by evaluating cybersecurity threats, operational vulnerabilities, and emerging technology risks using qualitative and quantitative methodologies 

  • Conduct risk assessments using established frameworks, including NIST CSF and CIS Controls v8 

  • Translate technical findings into clear, actionable business risk and support risk-based decision making 

  • Manage and maintain the enterprise IT risk register, including risk ownership, scoring, and lifecycle tracking 

Risk Mitigation & Governance 

  • Design and implement IT security risk mitigation strategies and controls aligned with industry standards 

  • Lead the risk exception management process, including evaluation, documentation, and risk acceptance decisions 

  • Provide risk-informed guidance for complex technology initiatives, including emerging areas such as artificial intelligence and machine learning 

  • Integrate IT security risk management practices into business and technology processes 

  • Support the development and lifecycle management of information security policies and standards 

Risk Reporting & Insights 

  • Define and evolve risk metrics, key risk indicators (KRIs), and risk appetite thresholds 

  • Develop dashboards and reporting that translate risk data into actionable insights for executive and board-level audiences 

  • Communicate complex risk concepts clearly to both technical and non-technical stakeholders 

Program Enablement & Continuous Improvement 

  • Drive adoption of IT security risk platforms and workflow automation to improve efficiency and scalability 

  • Identify and implement automation opportunities across risk management workflows 

  • Continuously enhance risk methodologies, tools, and processes 

  • Stay current on the evolving threat landscape, emerging technologies, and industry practices 

Mentorship & Development 

  • Mentor and guide junior team members in direct or matrixed reporting relationships 

  • Lead or own workstreams while providing direction and support to junior analysts 

 

Qualifications 

Skills & Expertise 

  • Strong leadership, analytical, and problem-solving skills with a risk-first mindset 

  • Demonstrated team leadership through mentoring, coaching, or leading analysts 

  • Ability to own workstreams and guide junior staff in a matrixed environment 

  • Strong technical depth to identify risks, evaluate control effectiveness, and translate vulnerability and technical data into business risk 

  • Deep knowledge of NIST CSF, CIS Controls v8, and related frameworks 

  • Proven ability to build and manage an enterprise IT risk register and exception management program 

  • Experience building and evolving risk metrics, KRIs, dashboards, and executive reporting 

  • Hands-on experience with GRC platforms and workflow automation tools (e.g., Archer, ServiceNow GRC, OneTrust, Jira, Rapid7 Nexpose) and the ability to automate processes 

  • Understanding of AI/ML risk domains, including model risk, data integrity, bias, and adversarial threats, with the ability to recommend controls 

  • Experience drafting, reviewing, and improving information security policies and standards 

  • Ability to communicate technical concepts and residual risk clearly to non-technical stakeholders 

Work Experience 

  • 5+ years of IT risk management experience, with a focus on risk assessment, quantification, and risk register ownership (not primarily compliance or audit) 

  • 3+ years mentoring or leading team members 

  • Demonstrated experience mentoring analysts while owning and delivering discrete risk workstreams or program components 

  • Experience conducting risk assessments aligned to NIST CSF, CIS Controls v8, or similar frameworks 

  • Experience managing an IT risk register, risk exception processes, and residual risk documentation 

  • Experience developing risk metrics, dashboards, and executive reporting 

  • Experience with GRC platforms and workflow automation in a risk context 

  • Experience managing risks related to emerging technologies, including artificial intelligence 

Education & Certifications 

  • Bachelor’s degree in a relevant discipline required; Master’s degree preferred

 

Preferred certifications: 

  • CRISC (ISACA) 

  • CISSP (ISC²) 

  • CISM (ISACA) 

  • CompTIA Security+ 

  • CompTIA CySA+ 

  • CompTIA CASP+ 

  • CGEIT (ISACA) 

Other:

  • Must be able to travel occasionally should a business need arise. For most roles travel would not be common. Travel may involve plane, car or metro. In accordance with ADA policies, reasonable accommodations regarding travel limitations can be provided. Travel will be more common for roles such as Account Executives (25 - 50%), senior leaders (10 – 20%) or Capella Core Faculty (5 – 10%). 

  • Ability to work onsite in Corporate or Campus location (in a typical office environment) may be required based on role. If so, this would include being mobile within the office, including movement from floor-to-floor using elevators or stairs.

  • If offsite or hybrid role, must have access to work in setting which enables meeting all requirements of the role (including privacy, reliable internet access, phone, ability to video conference, etc.) at a remote location.

  • This role may require lifting, however reasonable accommodations will be provided in accordance with our ADA policies.

  • Must be able to meet critical thinking and problem solving aspects aligned to job duties, as well as effectively communicating with co-workers.

  • Must be able to work more than 40 hours per week when business needs warrant. Accommodations related to schedule may be considered. 

  • Able to access information using a computer.

  • Other essential functions and marginal job functions are subject to modification.

#LI-JD1

SEI offers a comprehensive package of benefits to employees scheduled 30 hours or more per week. In addition to medical, dental, vision, life and disability plans, SEI employees may take advantage of well-being incentives, parental leave, paid time off, certain paid holidays, tax saving accounts (FSA, HSA), 401(k) retirement benefit, Employee Stock Purchase Plan, tuition assistance as well as entertainment and retail discounts. Non-exempt employees are eligible for overtime pay, if applicable.

Careers - Our Benefits, Strategic Education, Inc

SEI is an equal opportunity employer committed to fostering an inclusive and collaborative culture where individuals can grow their careers and contribute fully. We strive to attract talent with broad experiences, skills and perspectives. We welcome applications from all. While it is not typical for an individual to be hired at or near the top end of the pay range at SEI, we offer a competitive salary.  The actual base pay offered to the successful candidate may vary depending on multiple factors including, but not limited to, job-related knowledge/skills, experience, business needs, geographical location, and internal pay equity. Our Talent Acquisition Team is ready to discuss your interest in joining SEI. The expected salary range for this position is below.

$119,300.00 - $178,900.00 - Salary

If you require reasonable accommodations to complete our application process, please contact our Human Resources Department at [email protected].

Similar Jobs

40 Minutes Ago
Easy Apply
Remote or Hybrid
2 Locations
Easy Apply
168K-240K Annually
Senior level
168K-240K Annually
Senior level
Cloud • Information Technology • Security • Software • Cybersecurity
Lead the Healthcare Provider sales team for New England, coach and develop sellers, drive territory planning and resource allocation, scale sales processes, build teams and partner channels, and achieve revenue targets for Zscaler's cloud-native security platform.
Top Skills: AICloud-NativeEnterprise SecuritySaaSZero TrustZscaler
49 Minutes Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
134K-203K Annually
Senior level
134K-203K Annually
Senior level
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
Lead design and operation of large-scale data pipelines and data APIs. Build Spark/PySpark workflows on Databricks, optimize job performance, manage data quality and observability, and develop MCP servers and AI-agent integrations. Mentor engineers, define standards, support production incidents and on-call rotations, and collaborate with stakeholders to deliver scalable data platform products.
Top Skills: Apache IcebergApi GatewayAWSAws LambdaAws Rds/AuroraAzureDatabricksDatadogDbtFastapiFivetranGCPGoogle BigqueryLlms/Ai AgentsMcp ServersMs Sql ServerMySQLOraclePostgresPysparkPythonS3SecretsmanagerSnowflakeSnsSparkSplunkSQLSqs
52 Minutes Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
200K-250K Annually
Senior level
200K-250K Annually
Senior level
Marketing Tech • Real Estate • Software • PropTech • SEO
Lead architecture and delivery of AI-native features for a multi-tenant SaaS platform. Drive cross-functional technical initiatives, design scalable microservice systems, integrate LLMs and agent frameworks, set engineering standards, and mentor engineers to elevate technical execution.
Top Skills: AnthropicApolloAWSClaude CodeDynamoDBElasticsearchGraphQLKafkaKubernetesLambdaNode.jsPostgresReactRedisSqsTailwindTemporalTypescript

What you need to know about the NYC Tech Scene

As the undisputed financial capital of the world, New York City is an epicenter of startup funding activity. The city has a thriving fintech scene and is a major player in verticals ranging from AI to biotech, cybersecurity and digital media. It also has universities like NYU, Columbia and Cornell Tech attracting students and researchers from across the globe, providing the ecosystem with a constant influx of world-class talent. And its East Coast location and three international airports make it a perfect spot for European companies establishing a foothold in the United States.

Key Facts About NYC Tech

  • Number of Tech Workers: 549,200; 6% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Capgemini, Bloomberg, IBM, Spotify
  • Key Industries: Artificial intelligence, Fintech
  • Funding Landscape: $25.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Greycroft, Thrive Capital, Union Square Ventures, FirstMark Capital, Tiger Global Management, Tribeca Venture Partners, Insight Partners, Two Sigma Ventures
  • Research Centers and Universities: Columbia University, New York University, Fordham University, CUNY, AI Now Institute, Flatiron Institute, C.N. Yang Institute for Theoretical Physics, NASA Space Radiation Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account