The IT Risk Management Analyst plays a critical role in ensuring the security, compliance, and resilience of an organization's IT systems and infrastructure. This role involves identifying, assessing, and mitigating potential risks and vulnerabilities that could impact the confidentiality, integrity, and availability of digital assets. The IT Risk Management Analyst collaborates with various teams to implement effective risk management strategies and ensure that the organization maintains a robust and secure IT environment.
Essential Duties & Responsibilities:
Risk Assessment:
- Identify and assess potential IT risks, including cybersecurity threats, vulnerabilities, and compliance gaps.
- Conduct risk assessments to evaluate the potential impact and likelihood of identified risks.
- Analyze and interpret data related to IT security incidents, breaches, and vulnerabilities.
Risk Mitigation:
- Develop and implement risk mitigation plans to address identified vulnerabilities and threats.
- Collaborate with IT and security teams to design and implement controls to reduce the organization's exposure to risks.
- Stay up-to-date with emerging security threats and industry best practices to enhance the effectiveness of risk mitigation strategies.
Compliance and Regulation:
- Monitor and ensure compliance with relevant IT regulations, standards, and frameworks (e.g., GDPR, FERPA, FFIEC, HIPAA, NIST, ISO 27001).
- Assist in the development and maintenance of IT policies, procedures, and guidelines to ensure adherence to compliance requirements.
Security Incident Response:
- Participate in incident response activities, providing expertise in analyzing and mitigating security incidents.
- Collaborate with incident response teams to investigate and remediate security breaches or vulnerabilities.
Risk Reporting and Communication:
- Prepare and present reports on IT risks, vulnerabilities, and mitigation efforts to management and relevant stakeholders.
- Communicate complex technical concepts to non-technical audiences effectively.
Security Awareness and Training:
- Assist in developing and delivering IT security awareness programs to educate employees about security best practices.
- Provide guidance and training to employees regarding risk management procedures and policies.
Continuous Improvement:
- Identify areas for process improvements and recommend solutions to enhance the overall IT risk management program.
- Participate in the evaluation and implementation of new technologies and tools to enhance risk assessment and mitigation capabilities.
Job Skills:
- Understanding of IT risk management principles, cybersecurity concepts, and industry standards.
- Proficiency in risk assessment methodologies, vulnerability assessment tools, and security frameworks.
- Excellent analytical and problem-solving skills, with the ability to assess complex situations and provide practical solutions.
- Effective communication skills to convey technical information clearly to both technical and non-technical stakeholders.
- Collaborative attitude with the ability to work across different teams and departments.
- Experience with security incident response and familiarity with security tools and technologies.
Work Experience:
- 3 to 5 years in a similar role.
Education:
- Vocational or Higher-Ed Degree in IT, Accounting, Finance, Business Administration, or IT Risk Management.
Certificates, licenses and registrations:
- Preference: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are advantageous.
Other:
- Must be able to travel occasionally should a business need arise. For most roles travel would not be common. Travel may involve plane, car or metro. In accordance with ADA policies, reasonable accommodation regarding travel limitations can be provided. Travel will be more common for roles such as Account Executives (25 - 50%), senior leaders (10 – 20%) or Capella Core Faculty (5 – 10%).
- Ability to work onsite in Corporate or Campus location (in a typical office environment) may be required based on role. If so, this would include being mobile within the office, including movement from floor-to-floor using elevators or stairs.
- If offsite or hybrid role, must have access to work in setting which enables meeting all requirements of the role (including privacy, reliable internet access, phone, ability to video conference, etc.) at a remote location.
- Faculty and Federal Work Study roles require access to work in setting which enables meeting all requirements of the role (including computer, privacy, reliable internet access, phone, ability to video conference, etc.) at a remote location.
- This role may require lifting, however reasonable accommodations will be provided in accordance with our ADA policies.
- Must be able to meet critical thinking and problem solving aspects aligned to job duties, as well as effectively communicating with co-workers.
- Must be able to work more than 40 hours per week when business needs warrant. Accommodations related to schedule may be considered.
- Able to access information using a computer.
- Other essential functions and marginal job functions are subject to modification.
- SEI is an Equal Opportunity employer committed to a diverse and inclusive community. We welcome applications from all. While it is not typical for an individual to be hired at or near the top end of the pay range at SEI, we offer a competitive salary and benefits package. The actual base pay offered to the successful candidate may vary depending on multiple factors including, but not limited to, job-related knowledge/skills, experience, business needs, geographical location, and internal pay equity. Our Talent Acquisition Team is ready to discuss your interest in joining SEI. The expected salary range for this position is below.
$82,800.00 - $124,200.00 - Salary
If you require reasonable accommodations to complete our application process, please contact our Human Resources Department at Careers@strategiced.com.