×
Register Here to Apply for Jobs or Post Jobs. X

Senior IT Risk and Compliance Analyst

Job in South Naperville Area, Will County, Illinois, 60564, USA
Listing for: NORC at the University of Chicago
Full Time position
Listed on 2026-07-14
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 97000 - 120000 USD Yearly USD 97000.00 120000.00 YEAR
Job Description & How to Apply Below

Job Summary

NORC at the University of Chicago seeks a Senior IT Risk and Compliance Analyst to join the DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations.

Location

This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office. Qualified applicants must be U.S. citizens due to security clearance requirements for projects.

Responsibilities
  • Specify, document, validate, and maintain IT security and privacy controls to ensure compliance with clients’ (principally Government) security requirements and corporate standards for data and systems integrity.
  • Develop and implement tools and processes to measure and track IT risk and compliance metrics.
  • Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting.
  • Conduct risk assessments and security impact analyses of information systems.
Required Skills Education and Certifications
  • Bachelor’s degree in computer science, information technology, or a related field (or equivalent experience).
  • Professional certifications such as CISSP, CISM, or similar.
General Experience
  • Minimum of 4 years in information security roles, emphasizing security architecture and engineering solutions.
  • Proven experience in performing network penetration testing, vulnerability scans, and configuration analysis.
  • Experience overseeing project penetration testing activities.
  • Preferred experience as an ISO for federal programs and projects.
  • Experience coordinating communications across vendors, internal stakeholders, and program owners.
  • Experience using CSAM.
ATO Experience
  • In-depth knowledge guiding information systems through the Authorization to Operate (ATO) process.
  • Demonstrated success in obtaining authorizations for information systems and navigating related regulations (NIST SP, FISMA).
  • Ability to streamline and expedite ATO timelines while maintaining security standards.
  • Expertise in developing and presenting comprehensive ATO documentation, including System Security Plans.
  • Skill in addressing and mitigating security risks identified during the ATO process.
  • Exceptional communication skills to articulate ATO requirements, progress, and challenges to both technical and non-technical stakeholders.
Risk Management Experience
  • Developed threat models and conducted security risk assessments.
  • Recommended mitigations and countermeasures for identified risks and vulnerabilities.
  • Executed incident response across vendors, internal stakeholders, and program owners, including coordinating technical response, legal, and communication efforts.
Compliance and Documentation
  • Strong understanding of government regulations and standards related to information security.
  • Performs security compliance checks and audit activities.
  • Reviews and validates security documentation such as system security requirements definitions and System Security Plans.
  • Conducts penetration testing across multiple vendors, contractors, and consultants to meet stringent client requirements.
Communication and Guidance
  • Strong communication skills to guide NORC customers on security policies and regulations.
  • Effectively explains complex security concepts to both technical and non-technical stakeholders.
Salary and Benefits

The pay range is $97,000 - $120,000. This position is classified as regular staff, eligible for NORC’s comprehensive benefits program.

Benefits
  • Generously subsidized health insurance, effective on the first day of employment.
  • Dental and vision insurance.
  • Defined contribution retirement program and a separate voluntary 403(b) program.
  • Group life insurance, long‑term and short‑term disability insurance.
  • Work/life balance benefits: generous paid time off, holidays, paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).
What We Do

NORC at the University of Chicago is an objective, non‑partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. We collaborate with government, corporate, and nonprofit clients worldwide to transform complex information into actionable insights.

Who We Are

For 80+ years, NORC has advanced research methods, technology, and academic collaboration. We pride ourselves on excellence, innovation, and collegiality. NORC offers a business‑casual environment, continuous learning opportunities, and a supportive culture where people thrive.

EEO Statement

NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, or any other legally protected characteristic.

#J-18808-Ljbffr
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary