
Cybersecurity GRC Specialist II

Job in Chicago, Cook County, Illinois, 60290, USA
Listing for: Kirkland & Ellis
Full Time position
Listed on 2026-06-15
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below

At Kirkland & Ellis, we don’t just meet the standard for legal excellence — we set it. Our culture is built on teamwork, ingenuity and an unwavering commitment to continuous growth. We tackle the most sophisticated legal challenges with bold ideas and innovative solutions, powered by the exceptional experience and ambition of our 7,000+ people, including 4,000+ attorneys, across 23 offices worldwide.

Our dedicated professionals share our lawyers’ commitment to excellence and show up each day to do meaningful work that helps drive global business, investment and innovation forward.

What You’ll Do

Are you driven to strengthen security programs, reduce risk, and help organizations meet evolving cybersecurity expectations?

As a Security GRC Specialist II, you’ll be a key member of the Governance, Risk, and Compliance (GRC) team, leading and executing core GRC programs while serving as a trusted Information Security subject matter expert. This role blends strategic oversight with hands‑on execution—partnering with technical teams, business stakeholders, clients, and vendors to ensure security controls, policies, and risk practices are effective, compliant, and clearly communicated.

  • Client & Third-Party Assessments: Lead responses to client security assessments, questionnaires, and audits, documenting evidence and performing risk assessments as needed.
  • Policy & Standards Management: Create, maintain, and evolve security policies, standards, guidelines, and supporting documentation through strong technical writing.
  • Risk & Compliance Assurance: Manage and support processes that ensure Information Technology (IT) systems meet cybersecurity, risk, and compliance requirements.
  • Security Consulting & SME Support: Serve as an Information Security subject matter expert, advising technical and non-technical stakeholders across the organization.
  • Vendor Risk Management: Manage the third-party Security Vendor Risk Management program, including assessments, remediation tracking, and lifecycle oversight.
  • Exception & Risk Treatment: Oversee the security exception request process and provide guidance on appropriate risk treatment decisions.
  • Security Awareness Program: Manage the full lifecycle of the Security Awareness program, including roadmap development, training evaluation, and effectiveness measurement.
  • GRC Platform Administration: Support and optimize Governance, Risk, and Compliance (GRC) technology platforms and associated workflows.
  • Controls & Compliance Evaluations: Conduct evaluations of IT programs and components to confirm alignment with published security standards and frameworks.

What You’ll Bring

  • Education: Bachelor's degree or equivalent with five (5) years of work experience in IT Security is required.
  • Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Advanced in AI Audit (AAIA), Advanced in AI Risk (AAIR), Advanced in AI Security Management (AAISM) or other relevant training and certifications are preferred.
  • Information Security Experience: Four (4) or more years of Information Security experience, with hands‑on technical experience strongly preferred.
  • Framework & GRC Knowledge: Strong working knowledge of security frameworks and standards such as ISO 27001, National Institute of Standards and Technology (NIST), System and Organization Controls (SOC), and Standardized Information Gathering (SIG) is required.
  • AI Risk: Experience in Artificial Intelligence (AI) governance, security, and risk management is required.
  • Technical Writing & Communication: Proven ability to produce clear, well‑structured security documentation and communicate complex technical topics to varied audiences.
  • Risk & Vendor Management Skills: Experience leading risk assessments, vendor security reviews, and client‑facing security discussions with professionalism and tact.
  • GRC Tools & Technologies: Familiarity with GRC platforms, role‑based access controls, and a broad range of security technologies and tools.
  • Analytical & Organizational Strength: Strong problem‑solving, project management, and time management skills with the…