NORC at the University of Chicago
IT Risk and Security Compliance Analyst - Hybrid
NORC at the University of Chicago - Chicago, Illinois, United States, 60290
Work at NORC at the University of Chicago
Overview
- View job
Overview
IT Risk and Security Compliance Analyst - Hybrid
Join to apply for the
IT Risk and Security Compliance Analyst - Hybrid
role at
NORC at the University of Chicago IT Risk and Security Compliance Analyst - Hybrid
Join to apply for the
IT Risk and Security Compliance Analyst - Hybrid
role at
NORC at the University of Chicago Get AI-powered advice on this job and more exclusive features. Job Summary
NORC at the University of Chicago is seeking an Job Summary
NORC at the University of Chicago is seeking an
IT Risk and Security Compliance Analyst
with
extensive experience managing and optimizing ServiceNow GRC
to support and enhance our
security compliance program . This role will play a key part in configuring, maintaining, and improving
ServiceNow GRC workflows , ensuring compliance with
government security standards
such as
FISMA, NIST 800-53, HIPAA, and FedRAMP .
The ideal candidate will have strong expertise in
GRC tool management , compliance assessments, and risk monitoring. They will work closely with IT and security teams to automate processes, track compliance requirements, and support audits and risk assessments within a
hybrid, multi-tenant infrastructure .
DEPARTMENT: IT Risk and Compliance
NORC's Information Technology program provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research.
Responsibilities
ServiceNow GRC Administration & Optimization
Lead the management, configuration, and optimization of ServiceNow GRC, ensuring alignment with security frameworks and regulatory requirements. Develop and automate workflows for compliance tracking, risk assessments, control monitoring, and audit management. Continuously improve and refine ServiceNow GRC functionalities to enhance efficiency and reporting. Provide training and support to internal teams on the use of ServiceNow GRC for compliance activities.
Security Compliance & Risk Management
Conduct risk assessments and track compliance with FISMA, NIST 800-53, HIPAA, and FedRAMP security controls. Maintain security documentation, including SSPs, CAPs, Contingency Plans, and other compliance artifacts. Perform continuous monitoring, identify security gaps, and recommend remediation strategies. Support internal and external audits, ensuring all required security evidence is collected and documented.
Collaboration & Communication
Work closely with IT, security engineers, and external clients to ensure security controls are implemented and maintained. Communicate compliance requirements effectively to technical and non-technical stakeholders.
Required Skills
Bachelors degree in management information systems, Computer Science, Business Administration, or related field (or equivalent experience). 2 years of experience in IT security, risk assessment, and compliance within a government contract environment. Extensive hands-on experience managing and configuring ServiceNow GRC. Security Certifications (one or more preferred): CISA, CISM, CRISC, CISSP, or SSCP. Strong knowledge of GRC/IRM systems for compliance tracking, risk management, and audit readiness. Experience in FedRAMP and FISMA, including security package development and control validation. Understanding of hybrid, multi-tenant infrastructure security, including network, server, database, and application security. Excellent verbal and written communication skills, with the ability to bridge technical and business perspectives.
Salary And Benefits
The pay range for this position is $77,000 $116,000.
Benefits
This position is classified as regular. Regular staff are eligible for NORCs comprehensive benefits program. Benefits include, but are not limited to:
Generously subsidized health insurance, effective on the first day of employment Dental and vision insurance A defined contribution retirement program, along with a separate voluntary 403(b) retirement program Group life insurance, long-term and short-term disability insurance Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).
NORCs Approach to Equity and Transparency
Pay and benefits transparency helps to reduce wage gaps. As part of our commitment to pay equity and salary transparency, NORC includes a salary range for each job opening along with information about eligible benefit offerings. At NORC, we take a comprehensive approach to setting salary ranges and reviewing raises and promotions, which is overseen by a formal Salary Review Committee (SRC).
What We Do
NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.
Who We Are
For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which were known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.
Eeo Statement
NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics.
Seniority level
Seniority level
Entry level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Research Services Referrals increase your chances of interviewing at NORC at the University of Chicago by 2x Sign in to set job alerts for Information Technology Security Analyst roles.
Sr Dir Infrastructure, IT Support & Cyber Security
Security Analyst - IoT, Medical & Industrial Devices
Senior Associate, IT Security Internal Audit
Chicago, IL $100,000.00-$110,000.00 2 days ago Senior Associate, Internal Audit Information Technology & Security
Chicago, IL $134,000.00-$174,200.00 2 weeks ago Greater Chicago Area $70,000.00-$80,000.00 4 days ago Chicago, IL $65,000.00-$85,000.00 1 week ago Security Analyst III (Awareness & Education)
Chicago, IL $85,000.00-$120,000.00 1 month ago Darien, IL $81,300.00-$108,400.00 3 hours ago Principal Cybersecurity Analyst (multiple openings) - IHM
Greater Chicago Area $66,772.00-$124,005.00 3 months ago IT Audit, Cybersecurity & Risk Advisory Senior
Sales of IT Security Products and Service
Sales of IT Security Products and Service
Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr
Join to apply for the
IT Risk and Security Compliance Analyst - Hybrid
role at
NORC at the University of Chicago IT Risk and Security Compliance Analyst - Hybrid
Join to apply for the
IT Risk and Security Compliance Analyst - Hybrid
role at
NORC at the University of Chicago Get AI-powered advice on this job and more exclusive features. Job Summary
NORC at the University of Chicago is seeking an Job Summary
NORC at the University of Chicago is seeking an
IT Risk and Security Compliance Analyst
with
extensive experience managing and optimizing ServiceNow GRC
to support and enhance our
security compliance program . This role will play a key part in configuring, maintaining, and improving
ServiceNow GRC workflows , ensuring compliance with
government security standards
such as
FISMA, NIST 800-53, HIPAA, and FedRAMP .
The ideal candidate will have strong expertise in
GRC tool management , compliance assessments, and risk monitoring. They will work closely with IT and security teams to automate processes, track compliance requirements, and support audits and risk assessments within a
hybrid, multi-tenant infrastructure .
DEPARTMENT: IT Risk and Compliance
NORC's Information Technology program provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research.
Responsibilities
ServiceNow GRC Administration & Optimization
Lead the management, configuration, and optimization of ServiceNow GRC, ensuring alignment with security frameworks and regulatory requirements. Develop and automate workflows for compliance tracking, risk assessments, control monitoring, and audit management. Continuously improve and refine ServiceNow GRC functionalities to enhance efficiency and reporting. Provide training and support to internal teams on the use of ServiceNow GRC for compliance activities.
Security Compliance & Risk Management
Conduct risk assessments and track compliance with FISMA, NIST 800-53, HIPAA, and FedRAMP security controls. Maintain security documentation, including SSPs, CAPs, Contingency Plans, and other compliance artifacts. Perform continuous monitoring, identify security gaps, and recommend remediation strategies. Support internal and external audits, ensuring all required security evidence is collected and documented.
Collaboration & Communication
Work closely with IT, security engineers, and external clients to ensure security controls are implemented and maintained. Communicate compliance requirements effectively to technical and non-technical stakeholders.
Required Skills
Bachelors degree in management information systems, Computer Science, Business Administration, or related field (or equivalent experience). 2 years of experience in IT security, risk assessment, and compliance within a government contract environment. Extensive hands-on experience managing and configuring ServiceNow GRC. Security Certifications (one or more preferred): CISA, CISM, CRISC, CISSP, or SSCP. Strong knowledge of GRC/IRM systems for compliance tracking, risk management, and audit readiness. Experience in FedRAMP and FISMA, including security package development and control validation. Understanding of hybrid, multi-tenant infrastructure security, including network, server, database, and application security. Excellent verbal and written communication skills, with the ability to bridge technical and business perspectives.
Salary And Benefits
The pay range for this position is $77,000 $116,000.
Benefits
This position is classified as regular. Regular staff are eligible for NORCs comprehensive benefits program. Benefits include, but are not limited to:
Generously subsidized health insurance, effective on the first day of employment Dental and vision insurance A defined contribution retirement program, along with a separate voluntary 403(b) retirement program Group life insurance, long-term and short-term disability insurance Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).
NORCs Approach to Equity and Transparency
Pay and benefits transparency helps to reduce wage gaps. As part of our commitment to pay equity and salary transparency, NORC includes a salary range for each job opening along with information about eligible benefit offerings. At NORC, we take a comprehensive approach to setting salary ranges and reviewing raises and promotions, which is overseen by a formal Salary Review Committee (SRC).
What We Do
NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.
Who We Are
For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which were known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.
Eeo Statement
NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics.
Seniority level
Seniority level
Entry level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Research Services Referrals increase your chances of interviewing at NORC at the University of Chicago by 2x Sign in to set job alerts for Information Technology Security Analyst roles.
Sr Dir Infrastructure, IT Support & Cyber Security
Security Analyst - IoT, Medical & Industrial Devices
Senior Associate, IT Security Internal Audit
Chicago, IL $100,000.00-$110,000.00 2 days ago Senior Associate, Internal Audit Information Technology & Security
Chicago, IL $134,000.00-$174,200.00 2 weeks ago Greater Chicago Area $70,000.00-$80,000.00 4 days ago Chicago, IL $65,000.00-$85,000.00 1 week ago Security Analyst III (Awareness & Education)
Chicago, IL $85,000.00-$120,000.00 1 month ago Darien, IL $81,300.00-$108,400.00 3 hours ago Principal Cybersecurity Analyst (multiple openings) - IHM
Greater Chicago Area $66,772.00-$124,005.00 3 months ago IT Audit, Cybersecurity & Risk Advisory Senior
Sales of IT Security Products and Service
Sales of IT Security Products and Service
Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr