Senior IT Risk and Compliance Analyst
$97k - $120kNational Opinion Research Center - NORC
JOB SUMMARY
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The team is responsible for specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. The team develops and implements tools and processes to measure and track IT risk and compliance metrics. The team provides guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. The team conducts risk assessments and security impact analyses of information systems. Location : This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office. Qualified applicants must be U.S. citizens due to security clearance requirements for projects.DEPARTMENT
NORC's Digital Services & Solutions group provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research.RESPONSIBILITIES
Work with the team in specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. Help develop and implement tools and processes to measure and track IT risk and compliance metrics. Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. Assist the team with conducting risk assessments and security impact analyses of information systems.REQUIRED SKILLS
Education and Certifications: Bachelor's degree in computer science, Information Technology, or a related field (or equivalent years of experience). Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certifications. General Experience: Minimum of 4 years of experience in information security roles, emphasizing security architecture and engineering solutions. Proven experience in performing network penetration testing, vulnerability scans, and configuration analysis. Experience overseeing project penetration testing activities. Preferred experience as an ISO for federal programs and projects. Experience coordinating communications across vendors, internal stakeholders, and program owners. Experience using CSAM. ATO Experience: In-depth knowledge and experience guiding information systems through the Authorization to Operate (ATO) process. Proficient in navigating the complex landscape of ATO processes, demonstrating a successful track record in obtaining authorizations for information systems. Extensive knowledge of the steps involved in the ATO process, ensuring compliance with government regulations and standards, including NIST Special Publications and FISMA. A proven ability to streamline and expedite ATO timelines without compromising security standards, showcasing efficiency in documentation and regulatory adherence. Expertise in developing and presenting comprehensive ATO documentation, including System Security Plans, to accrediting authorities and other relevant stakeholders. Demonstrated skill in addressing and mitigating security risks identified during the ATO process, ensuring the secure operation of systems in various environments. Exceptional communication skills to articulate ATO requirements, progress, and challenges to both technical and non-technical stakeholders, fostering collaboration and understanding. Risk Management Experience: Demonstrated experience in developing threat models and security risk assessments. Ability to recommend mitigations and countermeasures to address identified risks, vulnerabilities, and threats. Experience conducting incident response across vendors, internal stakeholders, and program owners, including implementing and coordinating the response plan, overseeing the technical response, and coordinating with legal, technical, and communications teams. Compliance and Documentation: Thorough understanding and experience with government regulations and standards related to information security. In-depth knowledge of security compliance checks and the ability to perform audit activities. Experience in reviewing and validating security documentation, including system security requirements definition and System Security Plans. Experience conducting penetration testing across multiple vendors, contractors, and consultants that meet stringent client requirements. Communication and Guidance: Strong communication skills with the ability to guide NORC customers on information security policies and regulations. Ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.SALARY AND BENEFITS
The pay range for this position is $97,000 - $120,000. This position is classified as regular. Regular staff are eligible for NORC's comprehensive benefits program. Benefits include, but are not limited to: Generously subsidized health insurance, effective on the first day of employment Dental and vision insurance A defined contribution retirement program, along with a separate voluntary 403(b) retirement program Group life insurance, long-term and short-term disability insurance Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP). NORC is committed to equity and transparency in its pay practices. We publish salary ranges and benefit information for every job. The listed hiring range reflects what we, in good faith, expect to pay at the time of posting, though actual compensation may vary and may be adjusted over time. A candidate's placement within the range depends on factors such as competencies, education, qualifications, experience, skills, performance, and organizational needs.WHAT WE DO
NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.WHO WE ARE
For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which we're known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.EEO STATEMENT
NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics. #J-18808-Ljbffr National Opinion Research Center - NORCVacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Senior IT Risk and Compliance Analyst in Chicago, IL vacancy
$92k - $97k
Job Summary: The Senior Cyber Security and Compliance Consultant supports and advises BDO's clients to satisfy their compliance, cyber security, IT controls and multiple governance frameworks applicable... ...solutions for the mitigation of risks and/or continuous improvement...SeniorWork at office$100k - $135k
Salary: USD100000 - USD135000 per annum SENIOR COMPLIANCE ANALYST $100-135k | REMOTE Global non-profit organization is looking to expand their Governance, Risk & Compliance team by hiring a Senior Compliance Analyst. This person will be the 2nd hire to a new team, with...SeniorWork experience placementRemote work$95k - $125k
...Recruitment Leader to the Fortune 500 and beyond in Chicago Senior IT Compliance Analyst - Global Building Materials Leader A leading global company... ...maintaining and enhancing the company’s IT compliance and risk management programs. Your work will focus on ensuring strong...SeniorFull timeRemote work$70k - $85k
ZwillGen is seeking an experienced Principal Legal Analyst to support third-party requests for user data from clients. This role requires... ...a detail-oriented individual with 7+ years in the legal or compliance field and a thorough understanding of relevant laws like the...SeniorRemote work- A leading real estate and mortgage services firm in Chicago seeks a financial reporting professional to manage regulatory compliance and coordinate financial data. Candidates should have a Bachelor's degree in Finance or Accounting, along with at least 5 years of relevant...Senior
- Zion Cloud Solutions in Chicago seeks an experienced Security & Compliance Analyst to keep a regulated technology environment secure, compliant,... ...controls, maintain documentation, and partner with security, IT, and delivery teams to ensure standards are not just written but...Senior
$142.5k - $237.5k
...We Collect Your Privacy Choices Team Overview The Senior Privacy Compliance Advisor serves as a trusted compliance and privacy advisor... ...& privacy laws and regulatory obligations Serve as the Risk and Compliance lead for the Marketing Solutions Cross Functional...SeniorFull timeTemporary workFixed term contractWork experience placementWork at officeFlexible hours2 days per week$86k - $101k
Description Payment Network Compliance Analyst (Visa/Mastercard/Discover) Merchant Compliance | Sponsorship... ...oversight program within the Payments Risk organization. This role is responsible... ...Not a traditional TPRM / vendor risk / IT GRC role. Not focused on cybersecurity...Work at officeLocal areaRemote workMonday to FridayFlexible hours$48 - $50 per hour
...Job Title: Senior Compliance AssociateJob Description The Senior Associate, Construction Compliance, is responsible for supporting construction... ...compliance deliverables are met. Identify and evaluate risks and work with internal and external stakeholders to elevate and...SeniorContract workTemporary workFor contractorsApprenticeshipWork at officeLocal areaVisa sponsorship$100k - $150k
Job Description The Senior Information Security Compliance Analyst is a key member of the SRO Compliance & Portfolio Management team, responsible for ensuring... ...assessments, monitoring compliance efforts, managing risk, and providing expert guidance to stakeholders to...SeniorWork experience placement- ...An established industry player is seeking an experienced Vice President, Market Risk Analytics Manager to lead risk management efforts across various asset classes. This pivotal role focuses on futures, options, FX, and fixed income, ensuring robust risk monitoring and...Senior
- Jobtailor is seeking a detail-oriented professional to support compliance, privacy, and risk management initiatives. This role involves coordinating annual training, reporting, and stakeholder attestation, while ensuring documentation accuracy across the policy landscape...
- ...Baker Tilly US in Chicago seeks an IT Audit, Cybersecurity & Risk Senior Consultant to enhance client services through risk management and assurance strategies. This role involves close collaboration with executives to assess financial and operational risks, offering recommendations...Senior
- Buckingham Search is seeking a Senior IT SOX Manager in Chicago for a hybrid role to lead the IT SOX program and ensure compliance across a globally diversified organization. In this... ...senior leadership to manage IT controls, risk governance, and SOX compliance in a complex...Senior
- ...seeking an Associate Principal, Security Assurance to lead security risk assessments for third parties and technologies, and collaborate... ...security reports for executive review. The role requires strong IT risk knowledge and collaboration across OCC’s security teams. #J...Senior
$89.97k - $117.21k
United Airlines is seeking a Digital Compliance Analyst in Chicago, Illinois, to join their Cybersecurity... ...This role involves implementing Digital Risk and Compliance programs and ensuring... ...a bachelor's degree in Cybersecurity or IT, with 2+ years of experience....- ...Airlines in Chicago is seeking a Digital Compliance Analyst as part of its Cybersecurity team. This role aids in implementing Digital Risk and Compliance programs, ensuring that organizational... ...a bachelor’s degree in Cybersecurity or IT and will have at least 2 years of...
- RSM US LLP seeks a Technology Risk Consulting Supervisor to lead high‑impact IT audit and SOC engagements for financial services clients, mentoring teams... ...focuses on strengthening technology, security, and compliance postures while growing RSM's practice. Ideal candidates...Senior
- Riveron is seeking a Senior Associate for its IT Risk Advisory group based in Chicago, Illinois. The role focuses on IT General Control Assessments, requiring 3+ years of experience in IT auditing and a relevant degree in Accounting, Finance, or Management Information...Senior
$90k - $121.3k
...its core values. Responsibilities We are currently seeking a Senior Compliance Advisory Services Officer who will serve as the primary... ...Compliance Advisory Services Manager and is part of the Compliance/Risk Management team (the “second line of defense”). This position...SeniorWork experience placementWork at office$90k - $100k
...adviser (RIA). Your Future Team Hightower’s Compliance Department strives to provide industry-... ...4 days in the office. What You’ll Do The Senior Associate, AML & Compliance Testing is a... ...investment adviser (IA) as well as supporting risk-based compliance testing across our IA...SeniorPermanent employmentWork at officeLocal areaFlexible hours$75k - $85k
Senior eCommerce Fraud & Compliance Specialist Purpose of Position The Senior Network Quality Intelligence Specialist plays a critical role in safeguarding... ...fraud investigations, proactively identify emerging risks, and contribute to the design and evolution of network-...SeniorWork at officeRemote workFlexible hours$70k - $94k
Strata Decision Technology is looking for a Senior Compliance Associate to join their IT team in Chicago, IL. The role requires expertise in IT governance, risk, and compliance, with a focus on achieving HITRUST and SOC compliance. Candidates should have 4+ years of experience...SeniorWork from home$161.5k - $184.3k
Capital One is seeking a Senior Risk Manager in Chicago, IL to act as a trusted data risk advisor. This role involves collaborating with business units to manage data risks, conducting assessments, and promoting adherence to best practices. The ideal candidate will have...Senior- Danaher Corporation is seeking a Senior Cybersecurity Risk Analyst responsible for managing third-party risk activities. You will execute risk management lifecycles and contribute to enterprise risk reporting across a global environment. The ideal candidate has strong knowledge...SeniorRemote job
- M&T Bank Corporation is looking for a Compliance and Operational Risk Senior Advisor based in Chicago, IL. This hybrid role involves leading compliance and operational risk management activities and working closely with senior leadership to ensure adherence to regulations...Senior
- ...organization, including third-party suppliers. The role focuses on risk-based decision making and continuous improvement of security... ...coordinate audits, maintain ISMS documentation, and ensure compliance with ISO/IEC 27001, NIST, and other frameworks while collaborating...Senior
- Charles Schwab Corporation is seeking a Margin Specialist in Chicago, Illinois, to address margin-related inquiries and monitor compliance with regulations. The role involves managing margin calls, analyzing reports, and providing excellent customer service to clients....Senior
$98.4k - $199k
Old National Bank is seeking an IT Audit Manager, Sr to lead audits and assess risk management strategies. The role involves collaborating with IT/Risk Management and preparing detailed audit reports. With a focus on IT audit and control systems, the successful candidate...Senior- Northern Trust is seeking a Sr. Analyst for Liquidity Regulatory Reporting in Chicago, Illinois... ...Accounting teams to ensure regulatory compliance and produce management reporting. The... ...degree, contributing insights to senior management on regulatory matters. This position...Senior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior IT Risk and Compliance Analyst. Be the first to apply!
Related searches
- senior quantitative risk analyst Chicago, IL
- information risk analyst Chicago, IL
- it risk analyst Chicago, IL
- risk consultant Chicago, IL
- operational risk consultant Chicago, IL
- third party risk analyst Chicago, IL
- risk analyst Chicago, IL
- risk analyst intern Chicago, IL
- risk officer Chicago, IL
- transaction risk analyst Chicago, IL


