Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Security Risk Analyst

$72k - $120k
Full-time

College Board

Job Description External Posting Role Title – Security Risk Analyst College Board – Risk Management Location: This is a remote role. Candidates who live near CB offices have the option of being fully remote or hybrid (Tuesday and Wednesday in office). All CB employees are required to occasionally travel to meet in person for business purposes. Role Type: This is a full-time position About the Team The Information Security Governance Risk and Compliance (ISGRC) team at the College Board works closely with other teams across the organization to assess and certify the security of College Board’s information systems and processes. This dedicated team facilitates information security governance and compliance by assessing College Board’s vendors, reviewing and negotiating contractual commitments to information security, planning for disaster response and recovery, testing system strength using industry-recognized frameworks (ISO 27001, PCI-DSS and SOC2) and obtaining related compliance certifications, implementing information security policies, promoting security awareness and training, and testing the acumen of College Board employees through robust and innovative training and phishing campaigns. About the Opportunity As a Security Risk Analyst, you will have the critical role of being responsible for evaluating and managing exceptions to IT security policies, for managing the Organization’s Risk and Control Issues Register (Risk Register), and for developing reports and metrics. Your strong technical communication and negotiation skills will help you build relationships and collaborate with diverse stakeholders and reduce risk to the organization and ensure compliance. Under the direction of management, you will manage the Risk Register and perform security policy exceptions to help the College Board understand its critical risks. In this role you will: Manage the Risk Register (20%) Leads the management of the issues and risks and quickly escalates any untimely completion of audit actions. Works independently to communicate risks and works with others to problem-solve risks to tolerance levels based on data and evidence. Maintains data quality of Risk Register and executes any required data clean-up exercises. Understands College Board work to be able to drive Risk or Control Owners to ensure consistent application of policies and standards. Raises awareness about Risk & Control Issues, Policy exceptions, and available risk reduction options. Fosters a culture of risk awareness and compliance within the technology department and across the organization. Manage Policy Exceptions (65%) Independently analyzes policy exception submissions and provides risk assessment reports for critical service lines, applications, and infrastructure hosted on-prem and in the cloud. Evaluates and manage exceptions to IT security policies. Manages materials for the Exception Review Board and presents exception information to executive leadership and senior team members. Maintains an up-to-date knowledge and understanding of IT security policies and principles. Maintains a customer-focused attitude in all interactions with customers and colleagues. Support Vendor Risk Management (10%) Support the Vendor Risk Management program by understanding policies and procedures. Perform New Vendor Risk Assessments and Reassessments. Serve as backup to the Sr. Risk Analyst. Manage Metrics and Reporting (5%) Provides weekly and monthly reporting for the Risk Register and policy exceptions. Produces trending metrics and escalate exceptions. Performs other duties as assigned. About You To qualify for this role you must have 5-7 years of experience managing or supporting IT Security Risk and Control Risk Register and processing policy exceptions. Strong understanding of risk management techniques such as risk identification, risk scoring, risk mitigation, and risk tracking. Proven ability to lead conversations balancing risk and multiple business needs that result in positive outcomes with multiple stakeholders. The capacity to assess risk information and make risk recommendations independently. Strong organization and prioritization skills and the proven ability to manage multiple tasks simultaneously, both independently and as a member of the team. Excellent verbal and written communication skills. Experience with governance, risk, and compliance tools (e.g., OneTrust) preferred. Experience with information security and privacy frameworks such as ISO 27001, COBIT, NIST-CSF, NIST 800-53, GDPR etc. Current Information Security Certification (e.g., CISSP, CRISC, CISM, CISA, or related security certification) preferred or the ability to attain one within 6 months of hire. Bachelor’s degree in computer science, cybersecurity, engineering, IT management or four years equivalent IT and security industry experience. Vendor Risk Management policies and procedures. Bachelor’s degree required. The ability to travel 2-4 times a year to College Board offices or on behalf of College Board business. All roles at College Board require: A passion for expanding educational and career opportunities and mission-driven work Curiosity and enthusiasm for emerging technologies, with a willingness to experiment with and adopt new AI-driven solutions and comfort with learning and applying new digital tools independently and proactively. Clear and concise communication skills, written and verbal A learner's mindset and a commitment to growth: welcoming diverse perspectives, giving and receiving timely, respectful feedback, and continuously improving through iterative learning and user input. A drive for impact and excellence: solving complex problems, making data-informed decisions, prioritizing what matters most, and continuously improving through learning, user input, and external benchmarking. A collaborative and empathetic approach: working across differences, fostering trust, and contributing to a culture of shared success Authorization to work in the United States About Our Process Application review will begin immediately and will continue until the position is filled. This role is expected to accept applications for a minimum of 5 business days. While the hiring process may vary, it generally includes: resume and application submission, recruiter phone/video screen, hiring manager interview, performance exercise such as live coding, a panel interview, a conversation with leadership and reference checks. What We Offer At College Board, we offer more than a paycheck- we provide a meaningful career, a supportive team, and a comprehensive package designed to help you thrive. We’re a self-sustaining nonprofit that believes in fair and competitive compensation grounded in your qualifications, experience, impact, and the market. A Thoughtful Approach to Compensation The hiring range for this role is $72,000–$120,000. Your exact salary will depend on your location, experience, and how your background compares to others in similar roles at the College Board. We aim to make our best offer upfront, rooted in fairness, transparency, and market data. We adjust salaries by location to ensure fairness, no matter where you live. You’ll have open, transparent conversations about compensation, benefits, and what it’s like to work at College Board throughout your hiring process. Check out our careers page for more. #LI- MD1 #LI- remote College Board reaches more than 7 million students a year, helping them navigate the path from high school to college and career. We’re a mission-driven, not-for-profit membership organization dedicated to excellence in education. Founded 125 years ago, we are committed to clearing a path for all students to own their future. We pioneered programs like the SAT® and AP® to expand opportunities for students and help them develop the skills they need. Our BigFuture® program helps students plan for college, pay for college, and explore careers. Learn more at cb.org. Clearing a path for all students to own their future. At College Board, our work is guided by four Operating Principles, and we seek team members who not only align with these principles but actively live them out in their day-to-day work. Prioritize and Simplify – We focus on what matters most, reduce complexity, and move quickly when needed. Say and Receive – We give and receive feedback candidly and kindly, welcoming growth and healthy debate. Go for Greatness – We pursue excellence using data, iteration, and bold thinking to raise the bar. Lead as One College Board – We build a culture of trust, inclusion, and shared responsibility for long-term impact. In addition to a competitive salary and benefits, we offer: Annual bonuses and opportunities for merit-based raises and promotions A mission-driven workplace where your impact matters A team that invests in your development and success Learn more about College Board’s Operating Principles, Our Remote-first Workplace Policy, Benefits, Recruiting Process and More. College Board is proud to be an equal opportunity employer. We’re committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Security Risk Analyst in Virginia vacancy
  •  ...The Squires Group in Arlington, VA is seeking an experienced SAP Security Analyst to support a major ERP modernization initiative in a federal environment. This position involves implementing and maintaining application security within an SAP S/4HANA landscape, with 7... 
    Suggested
    Remote work

    The Squires Group

    Arlington, VA
    4 days ago
  •  ...order - J0326-1237 - Permanent Full Time Title SAP Application Security and GRC Analyst (Sr.) - U.S. Citizenship Required Location Fairfax, Virginia...  ...SAP environment, focusing on continuous improvement and risk mitigation. Oversee security aspects of system builds, upgrades... 
    Suggested
    Permanent employment
    Full time
    Contract work
    Work at office
    Local area

    CGI Njoyn

    Fairfax, VA
    23 hours ago
  • $89.6k - $194k

     ...SAP Application Security and GRC Analyst (Sr.) - U.S. Citizenship Required Category: ERP/CRM/Tools Main location: United States, Virginia...  ...SAP environment, with a focus on continuous improvement and risk mitigation. • Oversee security aspects of system builds,... 
    Suggested
    Full time
    Contract work
    Work at office
    Local area
    2 days per week

    CGI

    Fairfax, VA
    1 day ago
  •  ...MANTECH seeks a motivated, career and customer-oriented Security Policy Analyst to join our team in Chantilly, VA. Responsibilities include but are not limited to: Analyze, design, develop, deliver, and evaluate current and future security policies. Provide... 
    Suggested
    Work at office
    Shift work

    MANTECH

    Chantilly, Fairfax County, VA
    -4
  •  ...MANTECH seeks a motivated, career and customer-oriented Program Security Analyst to support our contract under Marine Corps Systems Command (MCSC) out of Quantico, VA. MANTECH is responsible for assisting our Government customer and ensuring that material solutions... 
    Suggested
    Full time
    Contract work

    MANTECH

    Quantico, VA
    1 day ago
  •  ...UVA Workday Finance Analyst UVA implemented Workday Finance in July 2022 and have found several business processes that are getting...  ...have access or does it need to go to someone else. Workday Security experience- creating/modifying roles, creating access/reassigning... 

    Software Technology Inc

    Charlottesville, VA
    2 days ago
  • $124.2k - $186.2k

     ...About the team: The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives...  ...An excellent ability to assess situations, identify potential risks, and make sound judgments based on available information. ~ Excellent... 
    Local area
    Remote work

    Rubrik

    Richmond, VA
    4 days ago
  • $41 - $53 per hour

     ...Short Description Bowman has an opportunity for a Security Analyst III to join our team in Virginia. At Bowman, we believe in...  ...proactive monitoring, threat detection, incident investigation, and risk management. This role partners across IT, infrastructure,... 
    Work at office

    Bowman Consulting Group, Ltd.

    Reston, VA
    3 days ago
  •  ...Security Analyst The Security Analyst supports the United States (U.S.) Army C5ISR Center to develop advances within cyber defense research; advanced detection methods; sensor structure, data optimization, and sensor architectures; intrusion detection innovations,... 
    Temporary work
    Immediate start
    Flexible hours

    Integral Federal

    McLean, VA
    2 days ago
  • $57.15 per hour

     ...experience; can provide limited leadership to others. Maximum Vendor Submittal Rate is $57.15/hr. Job Description: The IT Security Analyst monitors and advises on information security issues related to the systems and workflow at an agency to ensure the internal IT... 
    For contractors

    Inteletech Global Inc.

    Richmond, VA
    4 days ago
  •  ...Position Title: Sr. Security Analyst Position Type: Full-time (on-site) Location: Suffolk Building, Falls Church, VA (No remote/hybrid) Clearance: TS w/SCI eligibility Minimum of ten (10) years of recent and relevant experience is required for contractor... 
    Civilian Contractor
    Full time
    Contract work
    Temporary work
    For contractors
    Remote work

    Waypoint Human Capital

    Falls Church, VA
    12 hours ago
  •  ...Job Title: IT Security Analyst Location: Richmond, VA Position Type: Contract Duration: 6 / 12 Month...  ...access management, System and services acquisition review, IT risk management, business continuity and IT disaster recovery planning... 
    Contract work
    Work experience placement
    Work at office

    Ztek Consulting

    Richmond, VA
    11 hours ago
  • $85k - $100k

     ...interest for upcoming roles and future growth Are you a personnel security professional seeking a new opportunity in your field? Do you...  ...? If you are adjudicator, security specialist or security analyst looking for a way to apply your knowledge and experience, we have... 
    Hourly pay
    Contract work
    Work experience placement
    Work at office
    Local area
    Immediate start
    Monday to Friday
    Shift work

    Amentum

    Chantilly, Loudoun County, VA
    1 day ago
  • $70k - $76k

     ...Security (SOC) Analyst UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite...  ...cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. By creating continuously... 
    Temporary work
    Night shift
    Rotating shift

    UltraViolet Cyber

    Herndon, VA
    2 days ago
  •  ...technology infrastructure complies with these standards and Department's security policies. Plan and perform IT security controls effectiveness...  ...new or enhanced implemented controls. Maintain IT security risk and compliance matrix and performs management reporting. This... 
    Work experience placement

    RIT Solutions

    Reston, VA
    2 days ago
  •  ...Industrial Security Analyst Position Summary: Position Description: Industrial Security Analyst Location: National Capital Region...  ...security vulnerabilities and hazards, and consequences to determine risk levels and how best to implement countermeasures that mitigate... 
    Contract work
    For contractors

    SANCORP Consulting, LLC

    Arlington, VA
    2 days ago
  •  ...environments. ~ Familiarity with SIEM tools, log analysis, and incident response workflows. ~ Familiarity with PCI DSS 4.0+ security requirements. ~ Working knowledge of networking protocols, system hardening, and asset inventory practices. ~ Strong... 

    3B Staffing LLC

    Richmond, VA
    2 days ago
  • $155k - $165k

     ...Position Title: Security Analyst II Department: Cybersecurity & Program Management Corporate Area: PBS Technology Status: Regular, Full time Exempt Manager Title: Director, Cybersecurity Position Overview: The Security Analyst II is... 
    Hourly pay
    Full time
    Temporary work

    PBS

    Alexandria, VA
    1 day ago
  •  ...Security Analyst Long term contract Richmond, VA – Locals only In-person interview required Responsibilities Monitor security alerts and logs for tolling-related infrastructure using existing SIEM and other monitoring tools. Analyse, investigate,... 
    Long term contract
    Local area

    GlobalPoint

    Richmond, VA
    1 day ago
  • $55 per hour

     ...Position Title: Zero Trust Security Analyst Location: Vienna, VA or Pensacola, FL Position Status: Contract W2...  ...experience supporting security audits, compliance initiatives, or risk assessments. Knowledge of least-privilege access models and... 
    Hourly pay
    Contract work
    For contractors

    Seneca

    Vienna, VA
    12 hours ago
  •  ...The Security Analyst performs difficult technical work, ensuring that the County's digital assets are protected from unauthorized access. This...  ...network disaster recovery plans; Assists with performing risk assessments, internal and external vulnerability scans; Supports... 

    Military, Veterans and Diverse Job Seekers

    Stafford, VA
    4 days ago
  •  ...The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing...  ...responsibilities will include supporting the validation of third‑party risk assessments, identifying misconfigurations and exposed assets,... 
    Summer holiday
    Flexible hours

    Ernst & Young Oman

    Richmond, VA
    4 days ago
  •  ...We are seeking an IT Security Analyst who can work independently to manage mid-level security efforts, monitor workflows, and ensure internal IT controls are operating exactly as intended. Work Arrangement & Interview Process Work Arrangement: Onsite Interview Process... 
    Remote work

    Stellar Professionals

    Richmond, VA
    4 days ago
  • $30 - $33 per hour

     ...Insight Global is seeking a Jr. Security Specialist in Arlington, Virginia to support the security of the Joint Worldwide Intelligence Communications Systems at the Pentagon. The role involves assisting DoD personnel with clearance issues, running DISS queries, and providing... 
    Hourly pay
    Worldwide

    Insight Global

    Arlington, VA
    4 days ago
  •  ...Overview Job Summary: As a Security Analyst you will utilize your skill and knowledge to protect the organization’s environments from internal...  ..., misconfigurations, and social engineering to lower risk for the organization and our customers. Responsibilities Build... 
    Work at office

    Neumo

    Centreville, VA
    1 day ago
  •  ...solutions to our Nation's most complex national security challenges. In order to achieve our mission, Core...  ...Polygraph Summary We are seeking a Security Analyst to support cybersecurity operations, compliance, and risk management for FedRAMP-authorized and Intelligence... 

    Core One

    McLean, VA
    23 hours ago
  • $105k - $120k

     ...Cyber is a leading platform-enabled unified security operations company providing a...  ...accessible for all organizations by eliminating risks of separate red and blue teams. By creating...  ...U.S. and in India. The Senior Security Analyst will join a team supporting one of UltraViolet... 
    Temporary work

    Medium

    Chantilly, Loudoun County, VA
    1 day ago
  •  ...The IT Security Analyst monitors and advises on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinates and executes IT security related... 

    TMS Services

    Richmond, VA
    4 days ago
  •  ...Title: Security Analyst Open to USC About this Position / Responsibilities Serving as the Initial Escalation Point for...  ...all Response SLAs Identifying and Documenting Any Security Risk Associated with Security Operations/Engineering... 
    Work experience placement
    Shift work

    3B Staffing LLC

    Richmond, VA
    2 days ago
  • $75.8k - $113.8k

     ...employees are not only part of history, they're making history. Northrop Grumman Mission Systems is seeking an Industrial Security Analyst to develop and administer security programs and procedures for classified or proprietary materials, documents, and equipment.... 
    Work experience placement
    Relocation
    Shift work

    Northrop Grumman

    Chantilly, Loudoun County, VA
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Security Risk Analyst. Be the first to apply!