CISSP GRC Jobs in Chicago, IL (NOW HIRING)

... CISA, CISSP, CIA, CPA, CRISC, or CISM Work Experience * Experience designing SAP controls * Experience using AuditBoard SOXHUB module * Experience configuring and deploying modern GRC tools

Ability to travel, as required * 3+ years' experience in governance, risk and compliance (GRC ... CISSP or equivalent certifications and/or experience * Demonstrated ability to apply technology ...

Cyber Oracle Cloud Security - Manager

Chicago, IL · On-site

$114.30K - $154.50K/yr

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager ... GRC) solutions that help clients reduce risk and strengthen controls. You will lead assessments ...

CISSP GRC information

$70K

$130.7K

$197.3K

How much do CISSP GRC jobs pay per year?

As of May 28, 2026, the average yearly pay for CISSP GRC in Chicago, IL is $130,657.00, according to ZipRecruiter salary data. Most workers in this role earn between $108,200.00 and $149,400.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a CISSP GRC professional, and why are they important?

To thrive as a CISSP GRC (Governance, Risk, and Compliance) professional, you need deep knowledge of information security principles, risk management frameworks, and regulatory compliance, typically validated by the CISSP certification. Familiarity with tools such as GRC platforms (e.g., RSA Archer, ServiceNow GRC), risk assessment software, and compliance tracking systems is essential. Strong analytical thinking, attention to detail, and effective communication skills help you interpret complex regulations and collaborate with diverse stakeholders. These skills are critical to ensuring organizations meet regulatory requirements, manage risks proactively, and maintain a robust security posture.

How does a CISSP GRC professional typically collaborate with IT, legal, and business teams within an organization?

A CISSP GRC (Governance, Risk, and Compliance) professional often acts as a bridge between technical, legal, and business stakeholders. They work closely with IT teams to ensure security controls align with organizational policies, coordinate with legal departments to interpret regulatory requirements, and advise business leaders on risk management strategies. Regular cross-functional meetings, risk assessments, and policy reviews are common, making strong communication skills essential. This collaborative approach ensures that security and compliance initiatives support both regulatory standards and business objectives.

What is a CISSP GRC professional?

A CISSP GRC professional is an expert who combines the Certified Information Systems Security Professional (CISSP) certification with knowledge and experience in Governance, Risk, and Compliance (GRC) practices. These professionals help organizations align their security programs with business objectives, manage risks, and ensure compliance with relevant regulations and standards. They are responsible for developing, implementing, and monitoring security policies, procedures, and controls, while also conducting risk assessments and audits. Their work is critical for maintaining an organization's information security posture and meeting regulatory requirements.

What is the difference between CISSP GRC vs CISSP Security Analyst?

| Aspect | CISSP GRC | CISSP Security Analyst |
| --- | --- | --- |
| Certifications | CISSP, GRC-focused certifications | CISSP, Security certifications |
| Work Environment | Governance, risk management, compliance teams | Security operations, incident response teams |
| Employer & Industry | Organizations with compliance and risk needs | Organizations focusing on security monitoring |

The CISSP GRC role primarily focuses on governance, risk management, and compliance, working closely with organizational policies. In contrast, a CISSP Security Analyst concentrates on security operations, monitoring, and incident response. While both roles require CISSP certification, their daily tasks and focus areas differ significantly, making each suitable for different career paths within cybersecurity.

Cyber AI Data Engineer Senior Consultant

Deloitte

Chicago, IL • On-site

Other

Posted 15 days ago


Company rating: 8.1 out of 10

Based on 86 frontline employees who took The Breakroom Quiz

60th of 138 rated financial services


Job description

Are you interested in improving the cyber and organizational risk profiles of leading companies? Do you want to build the data foundations that power the next generation of AI-enabled cyber defense?

If yes, then Deloitte's Cyber team could be the place for you.

We are looking for a hands-on Data Engineer to build and operate the governed data foundations powering cyber risk, compliance evidence, and agentic AI-enabled cyber workflows. You will design production-grade pipelines and services that support risk reporting, continuous controls monitoring, and AI-assisted security operations, built with strong governance, lineage, privacy-by-design, and audit-ready evidence.

This role is ideal for engineers who can bridge modern data engineering and software development with Governance, Risk, and Compliance (GRC) expectations in regulated enterprise environments.

Recruiting for this role ends on 6/5/2026.

Work You'll Do

As a Senior Consultant, you will design, build, and run trusted data and AI foundations that enable cyber risk and compliance outcomes, including:

         Building scalable batch and stream processing pipelines that ingest security telemetry, control evidence, and compliance artifacts into governed data stores (lakehouse/warehouse).

         Designing data models for risk and controls domains (KRIs, issues/defects, risk acceptance, control testing outcomes, audit evidence, policy exceptions) and enabling self-service analytics and dashboards.

         Implementing data quality checks, lineage, metadata, and access controls to support auditability, regulatory defensibility, and repeatable evidence generation.

         Developing AI-enabled capabilities that accelerate GRC and cyber operations (such as evidence summarization, control testing assist, policy Q&A, investigation copilots, ticket triage, and exception reasoning) using agentic patterns including tool/function calling, workflow orchestration, and Retrieval-Augmented Generation (RAG).

         Engineering secure integrations between data platforms, GRC workflows, and enterprise systems (APIs, event patterns, connectors), with observability and runbooks for production support.

         Partnering with Cyber, Risk, Compliance, Privacy, and Legal stakeholders to translate requirements into implementable controls and developer-ready guardrails.

Technologies You'll Work With

         Languages & Frameworks: Python, SQL, Java/Go/JavaScript; LangChain/LangGraph, CrewAI, AutoGen, Semantic Kernel

         Data & AI Platforms: Vector databases (Pinecone, Weaviate, Elastic), Knowledge Graphs, RAG pipelines, LLMOps/MLOps tooling

         Cloud & Infrastructure: AWS, Azure, or GCP; Kubernetes, Docker, Terraform/IaC, GitOps CI/CD

         GRC & Security: ServiceNow GRC, Archer, OneTrust, BigID; SIEM/SOAR data, vulnerability data, identity logs

The Team

You will join a cyber engineering team focused on enabling resilient, secure, and compliant operations through modern data platforms and AI-enabled automation. The team builds repeatable assets (reference architectures, accelerators, and governance patterns) to help clients modernize and scale cyber and GRC programs.

Qualifications

Required

         Bachelor's degree or equivalent practical experience.

         4+ years of hands-on experience in data engineering and software development (Python and SQL required).

         Demonstrated experience building production data pipelines and data models (batch and/or streaming) with strong engineering discipline (CI/CD, testing, monitoring, incident response).

         Demonstrated experience implementing governance controls in data and AI systems: data classification, PII handling, least-privilege access, encryption/secrets, retention, audit logging, and lineage/metadata.

         Experience supporting GRC workflows and evidence needs (risk reporting, audit data requests, controls monitoring/testing, compliance metrics, or GRC tooling integrations).

         Practical experience building agentic or LLM-enabled applications in enterprise settings (RAG, vector/hybrid retrieval, tool/function calling, evaluation/monitoring, prompt-injection defenses, and secure access patterns).

         Experience with one or more major cloud platforms and modern deployment patterns (containers, IaC, secured APIs, secrets management).

         Ability to travel 0-25%, on average, based on client and project needs.

         Limited immigration sponsorship may be available.

Preferred

         Previous consulting or Big 4 experience.

         Hands-on experience with Java, Go, or JavaScript a plus.

         Experience integrating with governance and privacy platforms (e.g., ServiceNow GRC, OneTrust) and building evidence pipelines that map to control objectives.

         Experience with security telemetry pipelines (SIEM/SOAR data, vulnerability data, identity logs, cloud security posture findings).

         Experience operationalizing LLMOps/MLOps capabilities (evaluation, monitoring, versioning, governance workflows).

         Security certifications (Security+, CISM, CISA, CISSP, cloud certifications) or equivalent experience building secure systems.

         Experience working with cross-functional stakeholders and translating control requirements into implementable engineering tasks.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 - 218,600. 

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html

Education: Bachelor's Degree
Employment Type:
