Senior IT Risk and Compliance Analyst
$97k - $120kNORC
Apply now Job no: 503864 Work type: Regular Full-Time Location: Washington, DC Capability Area: IT DSS Security and Compliance
JOB SUMMARY
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The team is responsible for specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. The team develops and implements tools and processes to measure and track IT risk and compliance metrics. The team provides guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting, and conducts risk assessments and security impact analyses of information systems.LOCATION
This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office. Remote candidates may also be considered. Qualified applicants must be U.S. citizens due to security clearance requirements for projects.DEPARTMENT
Digital Services & Solutions Security & ComplianceRESPONSIBILITIES
Specify, document, validate, and maintain IT security & privacy controls to ensure compliance with client and corporate data integrity standards. Develop and implement tools and processes to measure and track IT risk and compliance metrics. Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. Assist in conducting risk assessments and security impact analyses of information systems.REQUIRED SKILLS
Education and Certifications : Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience). Professional certifications such as CISSP, CISM, or similar. General Experience : Minimum of 4 years in information security roles, emphasizing security architecture and engineering solutions. Proven experience performing network penetration testing, vulnerability scans, and configuration analysis; experience overseeing project penetration testing activities; preferred experience as an ISO for federal programs and projects; experience coordinating communications across vendors, internal stakeholders, and program owners; experience using CSAM. ATO Experience : In-depth knowledge and experience guiding information systems through the Authorization to Operate (ATO) process; proficiency in navigating the complex landscape of ATO processes and obtaining authorizations; extensive knowledge of steps involved in the ATO process, ensuring compliance with NIST and FISMA; proven ability to streamline and expedite ATO timelines; expertise in developing and presenting comprehensive ATO documentation; demonstrated skill in addressing and mitigating security risks identified during the ATO process; exceptional communication skills to articulate ATO requirements, progress, and challenges. Compliance and Documentation : Thorough understanding and experience with government regulations and standards related to information security; in-depth knowledge of security compliance checks and the ability to perform audit activities; experience reviewing and validating security documentation, including system security requirements definition and System Security Plans; experience conducting penetration testing across multiple vendors, contractors, and consultants. Communication and Guidance : Strong communication skills to guide customers on information security policies and regulations; ability to effectively communicate complex security concepts to both technical and non-technical stakeholders; experience conducting incident response across vendors, stakeholders, and program owners; coordinating response plans, overseeing technical response, and collaborating with legal, technical, and communications teams.SALARY AND BENEFITS
The pay range for this position is $97,000 - $120,000. Regular staff are eligible for NORC’s comprehensive benefits program, including: Generously subsidized health insurance, effective on the first day of employment Dental and vision insurance A defined contribution retirement program, along with a separate voluntary 403(b) retirement program Group life insurance, long-term and short-term disability insurance Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).EEO STATEMENT
NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics. #J-18808-Ljbffr NORC at the University of ChicagoVacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Senior IT Risk and Compliance Analyst in Washington DC vacancy
- Senior Critical Infrastructure Compliance Specialist Washington, District of Columbia, US • Posted 7 weeks ago Role Overview Exelon is hiring a Senior... ...program, driving efficiencies, and proactively managing risks to maintain compliance across systems and operations while...SeniorFull timeWork experience placement
- A leading federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA. This role includes managing governance, risk, and compliance activities to ensure compliance with DoD requirements. The ideal candidate will have at least 10 years of relevant experience...Senior
- ...federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should... ...minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You will lead...Senior
$98k - $145k
# Senior Compliance Analyst, Public SectorGoogleFull TimeseniorWashington, District of Columbia, USPosted Yesterday## Role OverviewGoogle is hiring... .... This is a full-time role in Washington. Part of Google's Risk hiring, posted yesterday. Full responsibilities, required...SeniorFull timeTemporary workLocal areaFlexible hours- ...Security Specialist in Washington, DC. This position entails developing and implementing IT security standards, monitoring security technology performance, and ensuring compliance with regulations like PCI and HIPAA. Candidates should possess a Bachelor’s degree in Computer...Senior
- Booz Allen Hamilton is seeking a Cybersecurity Compliance Analyst to help ensure the security of sensitive databases and software systems. The... ...policies, and the communication of security information to senior leadership. Applicants must hold a Bachelor’s degree and have...Senior
- ...Compliance Reporting Analyst ProSidian is a Management And Operations Consulting Services firm that focuses on providing... ...ProSidian provides enterprise services/solutions for Risk Management | Compliance | Business Process | IT Effectiveness | Engineering | Environmental |...Contract workH1bWork at office
$90k - $115k
...Job Summary IT Risk and Compliance Analyst position is a highly visible, client‑facing role that works closely with Legal and Business Unit stakeholders and reports to the IT Risk and Compliance Manager. This role is responsible for evaluating, assessing, and monitoring...Work experience placementLocal area- Systems Planning and Analysis, Inc. is seeking a National Security Compliance Analyst to provide onsite support at the Mark Center in Alexandria,... ...degree and possess 12+ years of experience, with a focus on risk mitigation practices and compliance agreements. The position...SeniorWork at office
- JPMorgan Chase & Co. is looking for a Sanctions Senior Associate for Risk Management and Compliance in Washington, D.C. This role requires expertise in U.S. sanctions regulations and involves providing guidance to lines of business on compliance issues. You will play a...Senior
- ...ProSidian provides enterprise services/solutions for Risk Management | Compliance | Business Process | IT Effectiveness | Engineering | Environmental |... ...Description ProSidian Seeks a Compliance Reporting Analyst | Human Capital Programmatic Evaluation & Compliance...Full timeContract workTemporary workFor contractorsH1bWork at officeFlexible hours
- ...Title: IT Risk and Compliance Professional Location: Washington, DC Duration: 6+ Months Description The IT risk and compliance or IT audit professional will support Client's IT Risk & Compliance team in its efforts to establish an ongoing...
- Bring your Expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient... ...quo and striving to be best-in‑class. As a Sanctions Senior Associate in the Global Financial Crime Compliance ("GFCC"...SeniorWork at office
- One Federal Solution in Washington, D.C. is seeking a Senior Security Risk Management Subject Matter Expert. The role involves providing risk management expertise, supporting A&A, and ensuring compliance with FISMA guidelines. The ideal candidate will have over 10 years...Senior
$78.9k - $123.3k
...seeking a detail-oriented cybersecurity compliance professional to support system authorization... ...) Plan of Action and Milestones (POA&Ms) Risk Assessments Continuous Monitoring... ...government customer review and approval. Mid to senior Bachelor’s degree in Cybersecurity,...Permanent employmentFull timePart timeWork at officeLocal areaRemote work- ...specialists ready to tackle critical cybersecurity challenges. Ideal candidates should have an active Top Secret clearance, 5-7 years of IT security experience, and a strong background in information assurance tools. Responsibilities include researching security controls,...Senior
- JCD Staffing is seeking a Senior Cybersecurity Supply Chain Risk Management Analyst in Washington, DC, to support federal cybersecurity initiatives. This role focuses on identifying and mitigating risks related to complex supply chains, requiring an active TS clearance...Senior
- ...integrity and availability. The successful candidate will ensure that products meet U.S. Government security requirements, evaluate the compliance of security offerings, and deliver insights to strengthen the security posture. Join a diverse team committed to innovation and...Senior
- MISSION ONE, LLC is seeking a Senior Cybersecurity Advisor to provide strategic leadership in cybersecurity, focusing on governance, risk management, and compliance. The ideal candidate will possess extensive experience advising on cybersecurity policies, frameworks, and...Senior
- Network Designs is seeking a Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst to manage cybersecurity risks in Washington D.C. This role involves assessing supplier risk and ensuring ICT product security standards are met. Applicants must have a Bachelor...Senior
- Booz Allen Hamilton is seeking an Information Security Risk Specialist in Alexandria, Virginia. This role involves assessing cybersecurity risks for federal clients, developing mitigation plans, and translating complex security concepts into actionable insights. Required...Senior
- ...experienced professional in Washington, DC, to provide analytical support in managing cybersecurity risks within supply chains. Ideal candidates will have a background in IT, combined with a bachelor's degree, relevant certifications like Network+ and Security+, and at...Senior
- A leading health analytics firm is seeking a Senior Research Analyst to apply actuarial analytical skills on health-related projects. The candidate should have extensive experience in health care analytics and be proficient in tools like MS Excel and Access. Responsibilities...SeniorFull time
- The International Monetary Fund is looking for a Research Analyst/Senior Research Analyst to lead the Macro-Risk Unit in Washington DC. This role involves developing and maintaining systems for data ingestion and transformation, as well as creating innovative tools for...Senior
$85k - $115k
NFP, an Aon company, is looking for a motivated individual to join their Property & Casualty Actuarial team. This role involves hands-on experience working with insurance data and delivering client-specific projects that include actuarial reserve analyses, insurance pricing...Senior$85k - $115k
...Dental, Vision, 401k, FSA, Life Insurance, Paid Time Off, Commuter Benefits, and Wellness Programs. Position Overview Senior Compliance and Fraud Risk Specialist‑Investigator. This is an outstanding career opportunity for an individual interested in a genuine...SeniorWork at office- ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations navigate the complex landscape of cybersecurity compliance and risk management. You will work directly with clients to assess their...Full timeRemote work
$85k - $115k
...application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Senior Compliance and Fraud Risk Specialist Sr Professional Washington, DC, US 3 days ago Requisition ID: 1280 Salary Range: $85,000.00 To $115,000.00...SeniorWork at officeRemote work- ...Job Title: Risk and Compliance Systems Analyst Location: Vienna, VA Work schedule: hybrid onsite 3 days (remote 2 days) Pay Rate: Open to Both... ..., incidents, audit readiness, and compliance activities. It combines security operations, business analysis, testing,...Full timeContract workFor contractorsLocal areaRemote work
- Ernst & Young Oman is seeking an Investment Compliance Data Specialist to ensure data quality across compliance platforms. The role involves supporting implementations and transformations across various investment management tools. The ideal candidate will have a Bachelor...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior IT Risk and Compliance Analyst. Be the first to apply!
Related searches
- operational risk specialist Washington DC
- transaction risk analyst Washington DC
- risk analyst Washington DC
- risk compliance officer Washington DC
- governance risk & compliance analyst Washington DC
- risk officer Washington DC
- senior quantitative risk analyst Washington DC
- third party risk analyst Washington DC
- operational risk consultant Washington DC
- it risk analyst Washington DC


