
Information Security Analyst, Governance, Risk, and Compliance

Job in Chicago, Cook County, Illinois, 60290, USA
Listing for: Apex Systems
Full Time position
Listed on 2026-02-08
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Support
Job Description & How to Apply Below

Overview

Job Title:

Governance, Risk & Compliance (GRC) Security Analyst (Hybrid)

Department/Unit:
Center for Translational Data Science (CTDS)

Reports To:

GRC Lead (with moderate direction)

Work Location:

5841 S Maryland Avenue, Chicago, IL 60637

Work Schedule:

40 hours/week | 8:30 AM – 5:00 PM (30-minute lunch) | Hybrid

Schedule:

Onsite Tuesdays / Remote Monday, Wednesday–Friday

Start Date:

ASAP | End Date: 7/30/2027 (term appointment as currently structured)

Notes:
This role supports secure research collaborations by strengthening security practices across hybrid environments and contributes to a culture of risk awareness and continuous improvement.

Role Summary

As a GRC Security Analyst, you will coordinate and support security governance, risk, and compliance initiatives under the guidance of the GRC Lead. You will help maintain compliance documentation and evidence, support audits and remediation activities, and work with engineers, researchers, and administrators to implement controls and strengthen CTDS security posture. With moderate direction, you will perform procedures to help ensure information system safety, monitor activity and potential threats, assist with risk assessments, and support changes to security processes and systems.

Key Responsibilities
  • Coordinate and support GRC projects and controls implementation under the guidance of the GRC Lead
  • Prepare, track, and maintain project documentation, compliance artifacts, and audit evidence
  • Facilitate internal and external audits, including evidence collection and remediation support (e.g., POA&Ms)
  • Collaborate with engineers, researchers, and administrators to promote a culture of compliance
  • Communicate security and compliance requirements in clear, accessible language and explain policies effectively
  • Assist with risk register maintenance, basic threat modeling, and risk assessments across hybrid environments
  • Monitor for fundamental risks (e.g., phishing attempts) and support proper handling of sensitive data (PII, PHI, CUI)
  • Support compliance-aligned practices under guidelines and standards such as HIPAA, GDPR, FISMA, and NIST
  • Support review and documentation of significant system changes, ensuring required compliance steps and approvals are completed prior to rollout
  • Stay current on evolving federal and data privacy regulations and contribute new insights to ongoing compliance efforts
  • Perform other related duties as needed
Minimum Qualifications
  • Education
    • Bachelor’s degree from an accredited college or university in a related field such as Business, Administration, Computer Science, Information Security, or similar
  • Experience
    • 3–5 years of experience in one or more of the following:
      • Information security
      • Risk analysis
      • Auditing
      • Compliance
      • Governance
    • Practical experience in highly regulated and/or federal environments, such as:
      • FedRAMP, FISMA, CMMC
    • Basic scripting/automation experience (Python or similar) or willingness to learn
    • Knowledge of audit and risk management methodologies such as:
      • COBIT, NIST 800-37 / 800-30, FAIR
    • Experience with tools and solutions used for:
      • GRC, IAM, and compliance automation/documentation
      • Information security tools and solutions
Preferred Certifications (Desired)
  • CompTIA Security+
  • AWS or GCP Cloud Security certifications
  • CISA, CISM, or CISSP Associate
Unit-Specific Competencies (Skills & Attributes)
Successful candidates typically demonstrate:
  • Practical understanding of core cybersecurity concepts (e.g., access control, authentication, threat vectors)
  • Familiarity with federal cybersecurity frameworks and requirements:
    FedRAMP, FISMA, NIST
  • Knowledge of hybrid IT systems, networking, and cloud environments (e.g., AWS, Google Cloud)
  • Strong organizational skills; able to manage multiple priorities and projects effectively
  • High adaptability and responsiveness in a dynamic, demand-based environment
  • Strong relationship-building skills and effectiveness across cross-functional teams
  • Sound judgment: ability to weigh Center/partner/agency needs against security and risk tolerance
  • Ability to conceptualize a course of action and execute successfully—often under tight deadlines
  • Ability to present information consistently and concisely
  • Excellent written and verbal…