IT Security and Compliance Analyst

Chicago, Illinois

U of C NORC
Join Our Team. NORC at the University of Chicago is on the lookout for a dedicated IT Security and Compliance Analyst with exceptional skills in ServiceNow GRC management to elevate our security compliance program. In this role, you will be instrumental in configuring, maintaining, and enhancing ServiceNow GRC workflows while ensuring adherence to vital government security standards, including FISMA, NIST 800-53, HIPAA, and FedRAMP.

We are seeking someone with strong expertise in compliance assessments, risk monitoring, and the ability to collaborate effectively with IT and security teams. If you are passionate about automating processes and contributing to security excellence in a hybrid, multi-tenant infrastructure, this position is for you.

Department Overview: The IT Risk and Compliance department at NORC provides crucial technology services to enhance our staff and client operations. We prioritize delivering high-quality solutions that support the advancement of social science research.

Key Responsibilities:
ServiceNow GRC Management:
  • Lead the configuration and optimization of ServiceNow GRC to align with security frameworks and compliance requirements.
  • Develop automated workflows for compliance tracking, risk assessments, and audit management.
  • Continuously enhance ServiceNow GRC functionalities to improve efficiency and reporting.
  • Train and support internal teams on best practices for ServiceNow GRC.
Security Compliance and Risk Management:
  • Conduct risk assessments and ensure compliance with federal security controls.
  • Maintain necessary security documentation and compliance artifacts.
  • Carry out continuous monitoring to identify security gaps and recommend solutions.
  • Assist in internal and external audits, ensuring all security evidence is collected.
Collaboration & Communication:
  • Work closely with IT and security engineers to implement and maintain security controls.
  • Effectively communicate compliance requirements to both technical and non-technical stakeholders.
Required Skills:
  • Bachelor's degree in a related field, or equivalent experience.
  • 2 years of experience in IT security and compliance, particularly in government environments.
  • Extensive experience with ServiceNow GRC administration.
  • Security certifications such as CISA, CISM, CRISC, CISSP, or SSCP are preferred.
  • Strong understanding of GRC/IRM systems.
  • Experience with FedRAMP and FISMA compliance.
  • Knowledge of hybrid, multi-tenant infrastructure security.
  • Excellent verbal and written communication skills.
Salary and Benefits: The pay range for this position is $77,000 - $116,000. This position is regular and eligible for NORC's comprehensive benefits, which include health insurance, dental and vision coverage, retirement programs, and generous paid time off, among other benefits.

NORC's Commitment: At NORC, we believe in pay equity and transparency. Our approach includes a formal Salary Review Committee to ensure fair practices in setting salaries.

About NORC: As a non-partisan research institution, NORC provides reliable data and insights for business and policy decisions. Since 1941, we have partnered with clients to turn complex information into actionable knowledge.

EEO Statement: NORC is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, veteran status, sexual orientation, and other legally protected characteristics.

Date Posted: 07 May 2025