Principal IT Risk Management Analyst

At Strategic Education Inc., our mission is to enable economic mobility through education. Through a portfolio of institutions and learning solutions, we focus on serving working adult learners by improving college affordability, enhancing student engagement, and strengthening workforce readiness so our graduates are equipped with the skills needed to succeed in today's jobs. This mission guides how we operate as an organization, including our approach to enterprise technology and risk management.

The Principal IT Risk Management Analyst is a senior-level role responsible for leading and overseeing comprehensive IT risk management efforts across the organization. This position provides strategic guidance on identifying and assessing complex technology risks and on the development and implementation of effective risk management strategies. The Principal IT Risk Management Analyst partners closely with cross-functional stakeholders to promote the security, compliance, and resilience of the organization's IT systems, infrastructure, and processes.

Essential Duties & Responsibilities:

Strategic Leadership:

• Provide thought leadership and strategic direction in IT risk management, aligning efforts with the organization's goals and risk tolerance.
  
• Collaborate with executive leadership to define risk management strategies and objectives.
  

Risk Assessment and Analysis:

• Identify and assess high-impact IT risks, including emerging cybersecurity threats, regulatory compliance gaps, and operational vulnerabilities.
  
• Analyze complex risk scenarios, evaluating potential business impacts and likelihoods.
  

Risk Mitigation Strategy:

• Develop and execute comprehensive risk mitigation strategies, ensuring the effective implementation of controls, processes, and frameworks.
  
• Lead the design of risk management initiatives that align with industry best practices and standards.
  

Cross-Functional Collaboration:

• Work closely with IT, cybersecurity, legal, compliance, and business units to integrate risk management principles into day-to-day operations.
  
• Facilitate communication and collaboration among teams to ensure a unified approach to risk management.
  

Regulatory Compliance:

• Monitor and interpret relevant IT regulations, standards, and frameworks (e.g., GDPR, FERPA, NIST, ISO 27001, CIS 8) to ensure compliance.
  
• Advise on risk management strategies that address compliance requirements.
  

Risk Reporting and Communication:

• Prepare and deliver clear and concise risk reports for executive management and relevant stakeholders.
  
• Communicate complex technical concepts and risk scenarios in a manner understandable by non-technical audiences.
  

Incident Response and Recovery:

• Provide leadership during IT security incidents, guiding incident response teams to minimize impact and ensure effective recovery.
  
• Review and enhance incident response plans to reflect lessons learned and emerging threats.
  

Continuous Improvement:

• Identify opportunities to enhance risk assessment methodologies, tools, and processes based on evolving threats and industry trends.
  
• Drive continuous improvement initiatives across the risk management function.
  

Mentorship and Development:

• Provide mentorship and guidance to junior members of the risk management team, fostering professional growth and skill development.
  

Job Skills:

• Proven leadership skills with the ability to guide cross-functional teams and provide strategic direction.
  
• Strong analytical and problem-solving capabilities to assess complex risk scenarios and recommend effective mitigation strategies.
  
• Ability to write and manage policies
  
• Excellent communication and presentation skills to convey technical information to various stakeholders.
  
• Familiarity with security technologies, security frameworks, tools, and industry best practices.
  
• Project management skills to drive risk management initiatives and improvements.
  
• Ability to adapt to evolving technologies and risks in the IT landscape.
  

Work Experience:

• 5+ years of experience in a Senior Analyst role or Similar
  
  
• 5+ yrs of experience in IT risk management, with a strong understanding of risk assessment methodologies, frameworks, and regulatory requirements.
  
• 5+ yrs experience with Third Party Risk Management.
  
• 3+ yrs experience with Artificial Intelligence, Cloud Platforms, and DevSecOps.
  
• 3+ with incident response, crisis management, and business continuity planning.
  

Education:

• Bachelor's degree in Information Technology, Cybersecurity, IT Risk Management, Business, or a related field (Master's preferred).
  

Certificates, licenses and registrations:

• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) or Project Management Professional are required.
  

Other:

• Must be able to travel occasionally should a business need arise. For most roles travel would not be common. Travel may involve plane, car or metro. In accordance with ADA policies, reasonable accommodations regarding travel limitations can be provided. Travel will be more common for roles such as Account Executives (25 - 50%), senior leaders (10 - 20%) or Capella Core Faculty (5 - 10%).
  
  
• Ability to work onsite in Corporate or Campus location (in a typical office environment) may be required based on role. If so, this would include being mobile within the office, including movement from floor-to-floor using elevators or stairs.
  
• If offsite or hybrid role, must have access to work in setting which enables meeting all requirements of the role (including privacy, reliable internet access, phone, ability to video conference, etc.) at a remote location.
  
• This role may require lifting, however reasonable accommodations will be provided in accordance with our ADA policies.
  
• Must be able to meet critical thinking and problem solving aspects aligned to job duties, as well as effectively communicating with co-workers.
  
• Must be able to work more than 40 hours per week when business needs warrant. Accommodations related to schedule may be considered.
  
  
• Able to access information using a computer.
  
• Other essential functions and marginal job functions are subject to modification.
  

#LI-JD1

SEI offers a comprehensive package of benefits to employees scheduled 30 hours or more per week. In addition to medical, dental, vision, life and disability plans, SEI employees may take advantage of well-being incentives, parental leave, paid time off, certain paid holidays, tax saving accounts (FSA, HSA), 401(k) retirement benefit, Employee Stock Purchase Plan, tuition assistance as well as entertainment and retail discounts. Non-exempt employees are eligible for overtime pay, if applicable.

Careers - Our Benefits, Strategic Education, Inc

SEI is an equal opportunity employer committed to fostering an inclusive and collaborative culture where individuals can grow their careers and contribute fully. We strive to attract talent with broad experiences, skills and perspectives. We welcome applications from all. While it is not typical for an individual to be hired at or near the top end of the pay range at SEI, we offer a competitive salary. The actual base pay offered to the successful candidate may vary depending on multiple factors including, but not limited to, job-related knowledge/skills, experience, business needs, geographical location, and internal pay equity. Our Talent Acquisition Team is ready to discuss your interest in joining SEI. The expected salary range for this position is below.
$119,300.00 - $178,900.00 - Salary

If you require reasonable accommodations to complete our application process, please contact our Human Resources Department at View email address on click.appcast.io.