ZipRecruiter

Log In

1

It Risk Manager Jobs (NOW HIRING)

Harris Williams

Technology Risk Analyst

Richmond, VA · On-site

The Technology Risk Analyst will contribute to the IT security team, focusing on technology risk management and developing risk solutions to protect the firm and its clients. Responsibilities : • ...

Figma

IT Audit Manager

San Francisco, CA · On-site

The Manager of IT Internal Audit (Risk & Ops) will support Figma's IT SOX compliance program and, in partnership with the Head of Internal Audit, develop the IT risk management and risk-based ...

Abrigo

Senior IT Audit & Assurance Analyst

Raleigh, NC · On-site +1

... manage risk and drive growth. Our solutions automate key processes and allow our customers to ... Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ...

New

Abrigo

Senior IT Risk & Assurance Analyst

Raleigh, NC · On-site

Abrigo is seeking a Senior IT Audit & Assurance Analyst to join our IT Risk & Assurance team ... Manage ad-hoc SOC 1 and SOC 2 audit engagements for newly acquired products not yet in scope of the ...

New

next page

Showing results 1-20

People also search for

All JobsIt Risk JobsIt Risk Manager Jobs

It Risk Manager information

See salary details

$51.5K

$111.6K

$170K

How much do it risk manager jobs pay per year?

As of May 30, 2026, the average yearly pay for it risk manager in the United States is $111,556.00, according to ZipRecruiter salary data. Most workers in this role earn between $90,000.00 and $129,000.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an IT Risk Manager, and why are they important?

To thrive as an IT Risk Manager, you need a solid understanding of risk assessment, information security, and compliance frameworks, often backed by a bachelor's degree in information technology or related fields. Familiarity with tools such as risk management software, GRC platforms, and certifications like CISSP, CISM, or CRISC is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are crucial soft skills in this role. These skills ensure effective identification, mitigation, and communication of IT risks, supporting organizational resilience and compliance.

What are some common challenges faced by IT Risk Managers when implementing risk mitigation strategies across different departments?

IT Risk Managers often encounter challenges such as varying levels of risk awareness among departments, resistance to new controls or procedures, and balancing business objectives with security requirements. Successful risk mitigation requires clear communication, stakeholder buy-in, and tailored training to ensure all teams understand the importance of compliance. Building strong relationships and fostering a culture of shared responsibility are key to overcoming these hurdles and ensuring effective risk management across the organization.

What does an IT Risk Manager do?

An IT Risk Manager is responsible for identifying, assessing, and mitigating risks that could impact an organization's information technology systems and data. They develop and implement risk management strategies, policies, and procedures to protect against cybersecurity threats, data breaches, and compliance violations. IT Risk Managers also work closely with other departments to ensure security best practices are followed and often lead risk assessments, audits, and incident response planning.

What is the difference between It Risk Manager vs Cybersecurity Analyst?

AspectIt Risk ManagerCybersecurity Analyst
CertificationsCRISC, CISSP, CISMCISSP, Security+, CEH
Work EnvironmentOversees risk management strategies across IT systemsMonitors and responds to security threats and incidents
Industry UsageUsed in organizations with complex IT infrastructuresCommon in security-focused roles across industries

The It Risk Manager focuses on identifying and managing IT risks at an organizational level, ensuring compliance and risk mitigation strategies. In contrast, a Cybersecurity Analyst primarily monitors security threats and responds to incidents. While both roles require similar certifications and work within the IT security domain, the It Risk Manager has a broader scope related to risk management policies, whereas the Cybersecurity Analyst concentrates on threat detection and response.

More about It Risk Manager jobs
What cities are hiring for It Risk Manager jobs? Cities with the most It Risk Manager job openings:
What states have the most It Risk Manager jobs? States with the most job openings for It Risk Manager jobs include:
What job categories do people searching It Risk Manager jobs look for? The top searched job categories for It Risk Manager jobs are:
It Risk Manager jobs near you
Infographic showing various It Risk Manager job openings in the United States as of May 2026, with employment types broken down into 1% As Needed, 77% Full Time, 21% Part Time, and 1% Contract. Highlights an 96% Physical, 2% Hybrid, and 2% Remote job distribution, with an average salary of $111,556 per year, or $53.6 per hour.
Principal IT Risk Management Analyst

Principal IT Risk Management Analyst

Strategic Education, Inc.

Herndon, VA • On-site, Remote

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 5 days ago

Strategic Education rating

8.8

Company rating: 8.8 out of 10

Based on 11 frontline employees who took The Breakroom Quiz

10th of 189 rated education and training

Job description

At Strategic Education Inc., our mission is to enable economic mobility through education. Through a portfolio of institutions and learning solutions, we focus on serving working adult learners by improving college affordability, enhancing student engagement, and strengthening workforce readiness so our graduates are equipped with the skills needed to succeed in today's jobs. This mission guides how we operate as an organization, including our approach to enterprise technology and risk management.
The Principal IT Risk Management Analyst is a senior-level role responsible for leading and overseeing comprehensive IT risk management efforts across the organization. This position provides strategic guidance on identifying and assessing complex technology risks and on the development and implementation of effective risk management strategies. The Principal IT Risk Management Analyst partners closely with cross-functional stakeholders to promote the security, compliance, and resilience of the organization's IT systems, infrastructure, and processes.
Essential Duties & Responsibilities:
Strategic Leadership:
  • Provide thought leadership and strategic direction in IT risk management, aligning efforts with the organization's goals and risk tolerance.
  • Collaborate with executive leadership to define risk management strategies and objectives.

Risk Assessment and Analysis:
  • Identify and assess high-impact IT risks, including emerging cybersecurity threats, regulatory compliance gaps, and operational vulnerabilities.
  • Analyze complex risk scenarios, evaluating potential business impacts and likelihoods.

Risk Mitigation Strategy:
  • Develop and execute comprehensive risk mitigation strategies, ensuring the effective implementation of controls, processes, and frameworks.
  • Lead the design of risk management initiatives that align with industry best practices and standards.

Cross-Functional Collaboration:
  • Work closely with IT, cybersecurity, legal, compliance, and business units to integrate risk management principles into day-to-day operations.
  • Facilitate communication and collaboration among teams to ensure a unified approach to risk management.

Regulatory Compliance:
  • Monitor and interpret relevant IT regulations, standards, and frameworks (e.g., GDPR, FERPA, NIST, ISO 27001, CIS 8) to ensure compliance.
  • Advise on risk management strategies that address compliance requirements.

Risk Reporting and Communication:
  • Prepare and deliver clear and concise risk reports for executive management and relevant stakeholders.
  • Communicate complex technical concepts and risk scenarios in a manner understandable by non-technical audiences.

Incident Response and Recovery:
  • Provide leadership during IT security incidents, guiding incident response teams to minimize impact and ensure effective recovery.
  • Review and enhance incident response plans to reflect lessons learned and emerging threats.

Continuous Improvement:
  • Identify opportunities to enhance risk assessment methodologies, tools, and processes based on evolving threats and industry trends.
  • Drive continuous improvement initiatives across the risk management function.

Mentorship and Development:
  • Provide mentorship and guidance to junior members of the risk management team, fostering professional growth and skill development.

Job Skills:
  • Proven leadership skills with the ability to guide cross-functional teams and provide strategic direction.
  • Strong analytical and problem-solving capabilities to assess complex risk scenarios and recommend effective mitigation strategies.
  • Ability to write and manage policies
  • Excellent communication and presentation skills to convey technical information to various stakeholders.
  • Familiarity with security technologies, security frameworks, tools, and industry best practices.
  • Project management skills to drive risk management initiatives and improvements.
  • Ability to adapt to evolving technologies and risks in the IT landscape.

Work Experience:
  • 5+ years of experience in a Senior Analyst role or Similar
  • 5+ yrs of experience in IT risk management, with a strong understanding of risk assessment methodologies, frameworks, and regulatory requirements.
  • 5+ yrs experience with Third Party Risk Management.
  • 3+ yrs experience with Artificial Intelligence, Cloud Platforms, and DevSecOps.
  • 3+ with incident response, crisis management, and business continuity planning.

Education:
  • Bachelor's degree in Information Technology, Cybersecurity, IT Risk Management, Business, or a related field (Master's preferred).

Certificates, licenses and registrations:
  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) or Project Management Professional are required.

Other:
  • Must be able to travel occasionally should a business need arise. For most roles travel would not be common. Travel may involve plane, car or metro. In accordance with ADA policies, reasonable accommodations regarding travel limitations can be provided. Travel will be more common for roles such as Account Executives (25 - 50%), senior leaders (10 - 20%) or Capella Core Faculty (5 - 10%).
  • Ability to work onsite in Corporate or Campus location (in a typical office environment) may be required based on role. If so, this would include being mobile within the office, including movement from floor-to-floor using elevators or stairs.
  • If offsite or hybrid role, must have access to work in setting which enables meeting all requirements of the role (including privacy, reliable internet access, phone, ability to video conference, etc.) at a remote location.
  • This role may require lifting, however reasonable accommodations will be provided in accordance with our ADA policies.
  • Must be able to meet critical thinking and problem solving aspects aligned to job duties, as well as effectively communicating with co-workers.
  • Must be able to work more than 40 hours per week when business needs warrant. Accommodations related to schedule may be considered.
  • Able to access information using a computer.
  • Other essential functions and marginal job functions are subject to modification.

#LI-JD1
SEI offers a comprehensive package of benefits to employees scheduled 30 hours or more per week. In addition to medical, dental, vision, life and disability plans, SEI employees may take advantage of well-being incentives, parental leave, paid time off, certain paid holidays, tax saving accounts (FSA, HSA), 401(k) retirement benefit, Employee Stock Purchase Plan, tuition assistance as well as entertainment and retail discounts. Non-exempt employees are eligible for overtime pay, if applicable.
Careers - Our Benefits, Strategic Education, Inc
SEI is an equal opportunity employer committed to fostering an inclusive and collaborative culture where individuals can grow their careers and contribute fully. We strive to attract talent with broad experiences, skills and perspectives. We welcome applications from all. While it is not typical for an individual to be hired at or near the top end of the pay range at SEI, we offer a competitive salary. The actual base pay offered to the successful candidate may vary depending on multiple factors including, but not limited to, job-related knowledge/skills, experience, business needs, geographical location, and internal pay equity. Our Talent Acquisition Team is ready to discuss your interest in joining SEI. The expected salary range for this position is below.
$119,300.00 - $178,900.00 - Salary
If you require reasonable accommodations to complete our application process, please contact our Human Resources Department at Careers@strategiced.com.

What Strategic Education employees say

Pay

Hours and flexibility

Workplace

Get the full story on Breakroom

Apply