Senior IT Risk and Compliance Analyst Apply now Job no: 503865 Work type: Regular Full-Time Location: Chicago - 300 E Randolph St Capability Area: IT DSS Security and Compliance JOB SUMMARY: NORC at ...
Senior IT Risk and Compliance Analyst Apply now Job no: 503865 Work type: Regular Full-Time Location: Chicago - 300 E Randolph St Capability Area: IT DSS Security and Compliance JOB SUMMARY: NORC at ...
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team ...
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team ...
IT Risk Manager
Chicago, IL · Hybrid
Overview The Manager, Risk Management is responsible for the building and coordination of a ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
IT Risk Manager
Chicago, IL · Hybrid
Overview The Manager, Risk Management is responsible for the building and coordination of a ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
Senior IT Risk and Compliance Analyst Job no: 503865 Work type: Regular Full-Time Location: Chicago - 300 E Randolph St Capability Area: IT DSS Security and Compliance JOB SUMMARY: NORC at the ...
Senior IT Risk and Compliance Analyst Job no: 503865 Work type: Regular Full-Time Location: Chicago - 300 E Randolph St Capability Area: IT DSS Security and Compliance JOB SUMMARY: NORC at the ...
Sr. IT Risk Manager
Chicago, IL · Hybrid
... Technology on the execution of enterprise and operational risk programs, promoting an environment ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
Sr. IT Risk Manager
Chicago, IL · Hybrid
... Technology on the execution of enterprise and operational risk programs, promoting an environment ... information, gender, gender identity, gender expression, age, national origin, ancestry ...
Director, Technology Risk Advisory & IT Controls (Chicago)
Chicago, IL · On-site
$183K - $356K/yr
The role involves overseeing technology risk areas, driving client deliverables, and business development. The ideal candidate will have over 12 years of experience in IT strategy and governance ...
Director, Technology Risk Advisory & IT Controls (Chicago)
Chicago, IL · On-site
$183K - $356K/yr
The role involves overseeing technology risk areas, driving client deliverables, and business development. The ideal candidate will have over 12 years of experience in IT strategy and governance ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market. What You'll Do * Supervise and ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market. What You'll Do * Supervise and ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
Quick apply
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
IT Compliance
$93K - $93K/yr
Persons in this role will be a primary resource for gathering IT risk and controls information and facilitating related surveys and audits. Partner with the IT Compliance managers and director to ...
IT Compliance
$93K - $93K/yr
Persons in this role will be a primary resource for gathering IT risk and controls information and facilitating related surveys and audits. Partner with the IT Compliance managers and director to ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
In this role you will drive delivery and growth across a range of technology risk areas: IT controls; IT governance, risk, and compliance for the Chicago market What You'll Do * Supervise and provide ...
Information Technology Lead the enterprise AI Systems Governance Program, with core accountability ... Intake, risk assessment, approval, monitoring, and retirement * Lead the AIS / Security Governance ...
Information Technology Lead the enterprise AI Systems Governance Program, with core accountability ... Intake, risk assessment, approval, monitoring, and retirement * Lead the AIS / Security Governance ...
This role is responsible for establishing and maintaining the enterprise information security and technology risk framework, ensuring alignment with regulatory expectations and safeguarding sensitive ...
This role is responsible for establishing and maintaining the enterprise information security and technology risk framework, ensuring alignment with regulatory expectations and safeguarding sensitive ...
Supervisor, Technology Risk Consulting - SOC and IT Audit (Financial Services Industry)
Chicago, IL · On-site
As a Technology Risk Consulting Supervisor you'll lead highimpact IT audit and SOC engagements for financial services clients, blending technical depth with leadership presence. You'll mentor teams ...
Supervisor, Technology Risk Consulting - SOC and IT Audit (Financial Services Industry)
Chicago, IL · On-site
As a Technology Risk Consulting Supervisor you'll lead highimpact IT audit and SOC engagements for financial services clients, blending technical depth with leadership presence. You'll mentor teams ...
Enterprise Architect (IT)
Chicago, IL · On-site +1
$71.25 - $91.75/hr
Provide visibility into technology risk, technical debt, platform health, lifecycle obsolescence ... Bachelor's degree in computer science, Information Technology, Engineering, Business, or a related ...
Enterprise Architect (IT)
Chicago, IL · On-site +1
$71.25 - $91.75/hr
Provide visibility into technology risk, technical debt, platform health, lifecycle obsolescence ... Bachelor's degree in computer science, Information Technology, Engineering, Business, or a related ...
Enterprise Architect (IT)
Chicago, IL · On-site +1
$71 - $91.75/hr
Provide visibility into technology risk, technical debt, platform health, lifecycle obsolescence ... Bachelor's degree in computer science, Information Technology, Engineering, Business, or a related ...
Enterprise Architect (IT)
Chicago, IL · On-site +1
$71 - $91.75/hr
Provide visibility into technology risk, technical debt, platform health, lifecycle obsolescence ... Bachelor's degree in computer science, Information Technology, Engineering, Business, or a related ...
This position supports the enterprise-wide Information Security program as a trusted technical ... Assess emerging AI technology prior to adoption * Provide advisory on AI technology Risk and ...
This position supports the enterprise-wide Information Security program as a trusted technical ... Assess emerging AI technology prior to adoption * Provide advisory on AI technology Risk and ...
Governance & Risk Analyst
Chicago, IL · On-site
$85K - $95K/yr
Strong understanding of IT risk assessment methodologies, frameworks, and industry best practices. * Assess vendor security posture against frameworks such as ISO 27001 / 27002, NIST, and SOC 2. * ...
Governance & Risk Analyst
Chicago, IL · On-site
$85K - $95K/yr
Strong understanding of IT risk assessment methodologies, frameworks, and industry best practices. * Assess vendor security posture against frameworks such as ISO 27001 / 27002, NIST, and SOC 2. * ...
Senior Associate, IT Internal Audit
Chicago, IL · On-site
$92K - $127K/yr
Work with client senior management to design, and implement new IT risk and control frameworks, sustainable solutions (including, applying knowledge of governance, risk and security tools), operating ...
Senior Associate, IT Internal Audit
Chicago, IL · On-site
$92K - $127K/yr
Work with client senior management to design, and implement new IT risk and control frameworks, sustainable solutions (including, applying knowledge of governance, risk and security tools), operating ...
It Risk information
See Illinois salary details
$18.69 is the 25th percentile. Wages below this are outliers.
$13.98 - $19.23
28% of jobs
The median wage is $22.36 / hr.
$19.23 - $24.48
37% of jobs
$24.48 - $29.73
6% of jobs
$33.01 is the 75th percentile. Wages above this are outliers.
$29.73 - $34.98
6% of jobs
$34.98 - $40.23
12% of jobs
$40.23 - $45.49
0% of jobs
$45.49 - $50.74
0% of jobs
$50.74 - $55.99
8% of jobs
$55.99 - $61.24
0% of jobs
$61.24 - $66.49
0% of jobs
$66.49 - $71.75
2% of jobs
$13
$29
$71
How much do it risk jobs pay per hour?
What is IT risk?
What is the difference between It Risk vs Cybersecurity Analyst?
| Aspect | It Risk | Cybersecurity Analyst |
|---|---|---|
| Required Credentials | Certifications like CRISC, CISSP, CISA | Certifications like CompTIA Security+, CISSP, CEH |
| Work Environment | Risk management teams, compliance departments | Security operations centers, IT departments |
| Employer & Industry Usage | Financial, healthcare, and large enterprises | Tech firms, finance, government agencies |
It Risk professionals focus on identifying, assessing, and mitigating risks related to IT systems and compliance. Cybersecurity Analysts primarily monitor and respond to security threats and incidents. While both roles require similar certifications and work in overlapping environments, It Risk emphasizes risk management strategies, whereas Cybersecurity Analysts concentrate on security operations and threat response.
What are the key skills and qualifications needed to thrive as an IT Risk professional, and why are they important?
What are some common challenges faced by IT Risk professionals when working with cross-functional teams?

Other
Medical, Dental, Vision, Life, Retirement, PTO
Posted 11 days ago
Job description
Apply now Job no: 503865 Work type: Regular Full-Time Location: Chicago - 300 E Randolph St Capability Area: IT DSS Security and Compliance
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. Â
The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The team is responsible for specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. The team develops and implements tools and processes to measure and track IT risk and compliance metrics. The team provides guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. The team conducts risk assessments and security impact analyses of information systems.Â
Location: This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office.Â
Qualified applicants must be U.S. citizens due to security clearance requirements for projects.Â
NORC's Digital Services & Solutions group provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research.Â
Work with the team in specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security. requirements of clients (principally Government) and corporate standards for data and systems integrity.Â
Help develop and implement tools and processes to measure and track IT risk and compliance metrics.Â
Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting.Â
Assist the team with conducting risk assessments and security impact analyses of information systems.Â
Education and Certifications:Â
Bachelor's degree in computer science, Information Technology, or a related field (or equivalent years of experience).Â
Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certifications.Â
General Experience:Â
Minimum of 4 years of experience in information security roles, emphasizing security architecture and engineering solutions.Â
Proven experience in performing network penetration testing, vulnerability scans, and configuration analysis.Â
Experience overseeing project penetration testing activities.Â
Preferred experience as an ISO for federal programs and projects.Â
Experience coordinating communications across vendors, internal stakeholders, and program owners.Â
Experience using CSAMÂ
ATO Experience:Â
In-depth knowledge and experience guiding information systems through the Authorization to Operate (ATO) process:Â Â
Proficient in navigating the complex landscape of ATO processes, demonstrating a successful track record in obtaining authorizations for information systemsÂ
Extensive knowledge of the steps involved in the ATO process, ensuring compliance with government regulations and standards, including NIST Special Publications and FISMAÂ
A proven ability to streamline and expedite ATO timelines without compromising security standards, showcasing efficiency in documentation and regulatory adherenceÂ
Expertise in developing and presenting comprehensive ATO documentation, including System Security Plans, to accrediting authorities and other relevant stakeholdersÂ
Demonstrated skill in addressing and mitigating security risks identified during the ATO process, ensuring the secure operation of systems in various environmentsÂ
Exceptional communication skills to articulate ATO requirements, progress, and challenges to both technical and non-technical stakeholders, fostering collaboration and understanding.Â
Risk Management Experience:Â
Demonstrated experience in developing threat models and security risk assessments.Â
Ability to recommend mitigations and countermeasures to address identified risks, vulnerabilities, and threats.Â
Experience conducting incident response across vendors, internal stakeholders, and program owners, including implementing, and coordinating the response plan, overseeing the technical response, and coordinating with legal, technical, and communications teams.Â
Compliance and Documentation:Â
Thorough understanding and experience with government regulations and standards related to information security.Â
In-depth knowledge of security compliance checks and the ability to perform audit activities.Â
Experience in reviewing and validating security documentation, including system security requirements definition and System Security Plans.Â
Experience conducting penetration testing across multiple vendors, contractors, and consultants that meet stringent client requirements.Â
Communication and Guidance:Â
Strong communication skills with the ability to guide NORC customers on information security policies and regulations.Â
Ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
The pay range for this position is $97,000 - $120,000.Â
This position is classified as regular. Regular staff are eligible for NORC's comprehensive benefits program. Benefits include, but are not limited to:Â Â
Generously subsidized health insurance, effective on the first day of employmentÂ
Dental and vision insurance Â
A defined contribution retirement program, along with a separate voluntary 403(b) retirement program Â
Group life insurance, long-term and short-term disability insuranceÂ
Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).Â
NORC is committed to equity and transparency in its pay practices. We publish salary ranges and benefit information for every job. The listed hiring range reflects what we, in good faith, expect to pay at the time of posting, though actual compensation may vary and may be adjusted over time. A candidate's placement within the range depends on factors such as competencies, education, qualifications, experience, skills, performance, and organizational needs.
NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.
WHO WE ARE:For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which we're known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.
EEO STATEMENT:ÂNORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics. #LI-MS1
Advertised: June 26, 2026 Central Daylight Time Applications close:
Back to search results Apply now Refer a friend
About NORC at the University of Chicago
Sourced by ZipRecruiter
Industry
Scientific research and development services
Company size
1,001 - 5,000 Employees
Headquarters location
Chicago, IL, US
Year founded
1941