Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior IT Risk and Compliance Analyst

$97k - $120k

NORC

Apply now Job no: 503864 Work type: Regular Full-Time Location: Washington, DC Capability Area: IT DSS Security and Compliance

JOB SUMMARY

NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The team is responsible for specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. The team develops and implements tools and processes to measure and track IT risk and compliance metrics. The team provides guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting, and conducts risk assessments and security impact analyses of information systems.

LOCATION

This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office. Remote candidates may also be considered. Qualified applicants must be U.S. citizens due to security clearance requirements for projects.

DEPARTMENT

Digital Services & Solutions Security & Compliance

RESPONSIBILITIES

Specify, document, validate, and maintain IT security & privacy controls to ensure compliance with client and corporate data integrity standards. Develop and implement tools and processes to measure and track IT risk and compliance metrics. Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. Assist in conducting risk assessments and security impact analyses of information systems.

REQUIRED SKILLS

Education and Certifications : Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience). Professional certifications such as CISSP, CISM, or similar. General Experience : Minimum of 4 years in information security roles, emphasizing security architecture and engineering solutions. Proven experience performing network penetration testing, vulnerability scans, and configuration analysis; experience overseeing project penetration testing activities; preferred experience as an ISO for federal programs and projects; experience coordinating communications across vendors, internal stakeholders, and program owners; experience using CSAM. ATO Experience : In-depth knowledge and experience guiding information systems through the Authorization to Operate (ATO) process; proficiency in navigating the complex landscape of ATO processes and obtaining authorizations; extensive knowledge of steps involved in the ATO process, ensuring compliance with NIST and FISMA; proven ability to streamline and expedite ATO timelines; expertise in developing and presenting comprehensive ATO documentation; demonstrated skill in addressing and mitigating security risks identified during the ATO process; exceptional communication skills to articulate ATO requirements, progress, and challenges. Compliance and Documentation : Thorough understanding and experience with government regulations and standards related to information security; in-depth knowledge of security compliance checks and the ability to perform audit activities; experience reviewing and validating security documentation, including system security requirements definition and System Security Plans; experience conducting penetration testing across multiple vendors, contractors, and consultants. Communication and Guidance : Strong communication skills to guide customers on information security policies and regulations; ability to effectively communicate complex security concepts to both technical and non-technical stakeholders; experience conducting incident response across vendors, stakeholders, and program owners; coordinating response plans, overseeing technical response, and collaborating with legal, technical, and communications teams.

SALARY AND BENEFITS

The pay range for this position is $97,000 - $120,000. Regular staff are eligible for NORC’s comprehensive benefits program, including: Generously subsidized health insurance, effective on the first day of employment Dental and vision insurance A defined contribution retirement program, along with a separate voluntary 403(b) retirement program Group life insurance, long-term and short-term disability insurance Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).

EEO STATEMENT

NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics. #J-18808-Ljbffr NORC at the University of Chicago

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Senior IT Risk and Compliance Analyst in Washington DC vacancy
  • Senior Critical Infrastructure Compliance Specialist Washington, District of Columbia, US • Posted 7 weeks ago Role Overview Exelon is hiring a Senior...  ...program, driving efficiencies, and proactively managing risks to maintain compliance across systems and operations while... 
    Senior
    Full time
    Work experience placement

    TryApplyNow

    Washington DC
    4 days ago
  • A leading federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA. This role includes managing governance, risk, and compliance activities to ensure compliance with DoD requirements. The ideal candidate will have at least 10 years of relevant experience... 
    Senior

    PingWind Inc

    Alexandria, VA
    3 days ago
  •  ...federal services provider is seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should...  ...minimum of 10 years of relevant experience and senior-level cybersecurity certifications. You will lead... 
    Senior

    Medium

    Alexandria, VA
    4 days ago
  • $98k - $145k

    # Senior Compliance Analyst, Public SectorGoogleFull TimeseniorWashington, District of Columbia, USPosted Yesterday## Role OverviewGoogle is hiring...  .... This is a full-time role in Washington. Part of Google's Risk hiring, posted yesterday. Full responsibilities, required... 
    Senior
    Full time
    Temporary work
    Local area
    Flexible hours

    TryApplyNow

    Washington DC
    4 days ago
  •  ...Security Specialist in Washington, DC. This position entails developing and implementing IT security standards, monitoring security technology performance, and ensuring compliance with regulations like PCI and HIPAA. Candidates should possess a Bachelor’s degree in Computer... 
    Senior

    National Education Association

    Washington DC
    4 days ago
  • Booz Allen Hamilton is seeking a Cybersecurity Compliance Analyst to help ensure the security of sensitive databases and software systems. The...  ...policies, and the communication of security information to senior leadership. Applicants must hold a Bachelor’s degree and have... 
    Senior

    Booz Allen Hamilton

    Arlington, VA
    4 days ago
  •  ...Compliance Reporting Analyst ProSidian is a Management And Operations Consulting Services firm that focuses on providing...  ...ProSidian provides enterprise services/solutions for Risk Management | Compliance | Business Process | IT Effectiveness | Engineering | Environmental |... 
    Contract work
    H1b
    Work at office

    ProSidian Consulting

    Alexandria, VA
    1 day ago
  • $90k - $115k

     ...Job Summary IT Risk and Compliance Analyst position is a highly visible, client‑facing role that works closely with Legal and Business Unit stakeholders and reports to the IT Risk and Compliance Manager. This role is responsible for evaluating, assessing, and monitoring... 
    Work experience placement
    Local area

    Brg Corp

    Washington DC
    4 days ago
  • Systems Planning and Analysis, Inc. is seeking a National Security Compliance Analyst to provide onsite support at the Mark Center in Alexandria,...  ...degree and possess 12+ years of experience, with a focus on risk mitigation practices and compliance agreements. The position... 
    Senior
    Work at office

    Systems Planning and Analysis, Inc.

    Alexandria, VA
    8 days ago
  • JPMorgan Chase & Co. is looking for a Sanctions Senior Associate for Risk Management and Compliance in Washington, D.C. This role requires expertise in U.S. sanctions regulations and involves providing guidance to lines of business on compliance issues. You will play a... 
    Senior

    JPMorgan Chase & Co.

    Washington DC
    4 days ago
  •  ...ProSidian provides enterprise services/solutions for Risk Management | Compliance | Business Process | IT Effectiveness | Engineering | Environmental |...  ...Description ProSidian Seeks a Compliance Reporting Analyst | Human Capital Programmatic Evaluation & Compliance... 
    Full time
    Contract work
    Temporary work
    For contractors
    H1b
    Work at office
    Flexible hours

    ProSidian Consulting, LLC

    Alexandria, VA
    25 days ago
  •  ...Title: IT Risk and Compliance Professional Location: Washington, DC Duration: 6+ Months Description The IT risk and compliance or IT audit professional will support Client's IT Risk & Compliance team in its efforts to establish an ongoing... 

    TWO95 International

    Washington DC
    5 days ago
  • Bring your Expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient...  ...quo and striving to be best-in‑class. As a Sanctions Senior Associate in the Global Financial Crime Compliance ("GFCC"... 
    Senior
    Work at office

    JPMorgan Chase & Co.

    Washington DC
    4 days ago
  • One Federal Solution in Washington, D.C. is seeking a Senior Security Risk Management Subject Matter Expert. The role involves providing risk management expertise, supporting A&A, and ensuring compliance with FISMA guidelines. The ideal candidate will have over 10 years... 
    Senior

    One Federal Solution

    Washington DC
    3 days ago
  • $78.9k - $123.3k

     ...seeking a detail-oriented cybersecurity compliance professional to support system authorization...  ...) Plan of Action and Milestones (POA&Ms) Risk Assessments Continuous Monitoring...  ...government customer review and approval. Mid to senior Bachelor’s degree in Cybersecurity,... 
    Permanent employment
    Full time
    Part time
    Work at office
    Local area
    Remote work

    Noblis

    Washington DC
    5 days ago
  •  ...specialists ready to tackle critical cybersecurity challenges. Ideal candidates should have an active Top Secret clearance, 5-7 years of IT security experience, and a strong background in information assurance tools. Responsibilities include researching security controls,... 
    Senior

    Qmulos

    Washington DC
    1 day ago
  • JCD Staffing is seeking a Senior Cybersecurity Supply Chain Risk Management Analyst in Washington, DC, to support federal cybersecurity initiatives. This role focuses on identifying and mitigating risks related to complex supply chains, requiring an active TS clearance... 
    Senior

    JCD Staffing

    Washington DC
    4 days ago
  •  ...integrity and availability. The successful candidate will ensure that products meet U.S. Government security requirements, evaluate the compliance of security offerings, and deliver insights to strengthen the security posture. Join a diverse team committed to innovation and... 
    Senior

    Hitachi Data Systems

    Takoma Park, MD
    3 days ago
  • MISSION ONE, LLC is seeking a Senior Cybersecurity Advisor to provide strategic leadership in cybersecurity, focusing on governance, risk management, and compliance. The ideal candidate will possess extensive experience advising on cybersecurity policies, frameworks, and... 
    Senior

    MISSION ONE, LLC

    Washington DC
    4 days ago
  • Network Designs is seeking a Senior Cybersecurity Supply Chain Risk Management (SCRM) Analyst to manage cybersecurity risks in Washington D.C. This role involves assessing supplier risk and ensuring ICT product security standards are met. Applicants must have a Bachelor... 
    Senior

    Network Designs

    Washington DC
    1 day ago
  • Booz Allen Hamilton is seeking an Information Security Risk Specialist in Alexandria, Virginia. This role involves assessing cybersecurity risks for federal clients, developing mitigation plans, and translating complex security concepts into actionable insights. Required... 
    Senior

    Booz Allen Hamilton

    Alexandria, VA
    5 days ago
  •  ...experienced professional in Washington, DC, to provide analytical support in managing cybersecurity risks within supply chains. Ideal candidates will have a background in IT, combined with a bachelor's degree, relevant certifications like Network+ and Security+, and at... 
    Senior

    Maania Consultancy Services

    Washington DC
    4 days ago
  • A leading health analytics firm is seeking a Senior Research Analyst to apply actuarial analytical skills on health-related projects. The candidate should have extensive experience in health care analytics and be proficient in tools like MS Excel and Access. Responsibilities... 
    Senior
    Full time

    Truven Health Analytics

    Washington DC
    2 days ago
  • The International Monetary Fund is looking for a Research Analyst/Senior Research Analyst to lead the Macro-Risk Unit in Washington DC. This role involves developing and maintaining systems for data ingestion and transformation, as well as creating innovative tools for... 
    Senior

    International Monetary Fund

    Washington DC
    3 days ago
  • $85k - $115k

    NFP, an Aon company, is looking for a motivated individual to join their Property & Casualty Actuarial team. This role involves hands-on experience working with insurance data and delivering client-specific projects that include actuarial reserve analyses, insurance pricing...
    Senior

    NFP, an Aon company

    Bethesda, MD
    5 days ago
  • $85k - $115k

     ...Dental, Vision, 401k, FSA, Life Insurance, Paid Time Off, Commuter Benefits, and Wellness Programs. Position Overview Senior Compliance and Fraud Risk Specialist‑Investigator. This is an outstanding career opportunity for an individual interested in a genuine... 
    Senior
    Work at office

    Universal Service Administrative Co. (USAC)

    Washington DC
    2 days ago
  •  ...Governance, Risk, & Compliance (GRC) Analyst Washington, DC Remote Full-Time About This Role As a GRC Analyst, you will help organizations navigate the complex landscape of cybersecurity compliance and risk management. You will work directly with clients to assess their... 
    Full time
    Remote work

    Districttechgroup

    Washington DC
    4 days ago
  • $85k - $115k

     ...application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Senior Compliance and Fraud Risk Specialist Sr Professional Washington, DC, US 3 days ago Requisition ID: 1280 Salary Range: $85,000.00 To $115,000.00... 
    Senior
    Work at office
    Remote work

    Universal Service Administrative Company

    Washington DC
    4 days ago
  •  ...Job Title: Risk and Compliance Systems Analyst Location: Vienna, VA Work schedule: hybrid onsite 3 days (remote 2 days) Pay Rate: Open to Both...  ..., incidents, audit readiness, and compliance activities. It combines security operations, business analysis, testing,... 
    Full time
    Contract work
    For contractors
    Local area
    Remote work

    System One

    Falls Church, VA
    1 day ago
  • Ernst & Young Oman is seeking an Investment Compliance Data Specialist to ensure data quality across compliance platforms. The role involves supporting implementations and transformations across various investment management tools. The ideal candidate will have a Bachelor... 
    Senior

    Ernst & Young Oman

    Washington DC
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior IT Risk and Compliance Analyst. Be the first to apply!