1

It Risk Jobs in Illinois (NOW HIRING)

Overview The Manager, Risk Management is responsible for the building and coordination of a ... information, gender, gender identity, gender expression, age, national origin, ancestry ...

... Technology on the execution of enterprise and operational risk programs, promoting an environment ... information, gender, gender identity, gender expression, age, national origin, ancestry ...

IT Compliance

Lake Forest, IL

$93K - $93K/yr

Persons in this role will be a primary resource for gathering IT risk and controls information and facilitating related surveys and audits. Partner with the IT Compliance managers and director to ...

Enterprise Architect (IT)

Chicago, IL · On-site +1

$71.25 - $91.75/hr

Provide visibility into technology risk, technical debt, platform health, lifecycle obsolescence ... Bachelor's degree in computer science, Information Technology, Engineering, Business, or a related ...

Enterprise Architect (IT)

Chicago, IL · On-site +1

$71 - $91.75/hr

Provide visibility into technology risk, technical debt, platform health, lifecycle obsolescence ... Bachelor's degree in computer science, Information Technology, Engineering, Business, or a related ...

Governance & Risk Analyst

Chicago, IL · On-site

$85K - $95K/yr

Strong understanding of IT risk assessment methodologies, frameworks, and industry best practices. * Assess vendor security posture against frameworks such as ISO 27001 / 27002, NIST, and SOC 2. * ...

Senior Associate, IT Internal Audit

Chicago, IL · On-site

$92K - $127K/yr

Work with client senior management to design, and implement new IT risk and control frameworks, sustainable solutions (including, applying knowledge of governance, risk and security tools), operating ...

next page

Showing results 1-20

It Risk information

See Illinois salary details

$13

$29

$71

How much do it risk jobs pay per hour?

As of Jul 7, 2026, the average hourly pay for it risk in Illinois is $29.40, according to ZipRecruiter salary data. Most workers in this role earn between $18.85 and $37.50 per hour, depending on experience, location, and employer.

What is IT risk?

IT risk refers to the potential for losses or negative impacts to an organization resulting from the use of information technology. This includes threats such as data breaches, cyberattacks, system failures, and non-compliance with regulations. IT risk management involves identifying, assessing, and mitigating these risks to protect an organization’s information assets and ensure business continuity.

What is the difference between It Risk vs Cybersecurity Analyst?

AspectIt RiskCybersecurity Analyst
Required CredentialsCertifications like CRISC, CISSP, CISACertifications like CompTIA Security+, CISSP, CEH
Work EnvironmentRisk management teams, compliance departmentsSecurity operations centers, IT departments
Employer & Industry UsageFinancial, healthcare, and large enterprisesTech firms, finance, government agencies

It Risk professionals focus on identifying, assessing, and mitigating risks related to IT systems and compliance. Cybersecurity Analysts primarily monitor and respond to security threats and incidents. While both roles require similar certifications and work in overlapping environments, It Risk emphasizes risk management strategies, whereas Cybersecurity Analysts concentrate on security operations and threat response.

What are the key skills and qualifications needed to thrive as an IT Risk professional, and why are they important?

To thrive as an IT Risk professional, you need a strong understanding of information security principles, risk management frameworks, and relevant regulations, typically supported by a degree in information technology or cybersecurity. Familiarity with risk assessment tools, GRC (Governance, Risk, and Compliance) systems, and certifications such as CISM or CISSP is highly valued. Analytical thinking, attention to detail, and effective communication are vital soft skills for identifying vulnerabilities and collaborating with stakeholders. These competencies are crucial for proactively managing threats and ensuring the organization's information assets remain secure and compliant.

What are some common challenges faced by IT Risk professionals when working with cross-functional teams?

IT Risk professionals often collaborate with various departments such as IT, compliance, finance, and operations. A common challenge is effectively communicating technical risks in terms that non-technical stakeholders can understand, ensuring alignment on priorities and mitigation strategies. Navigating differing risk tolerances and balancing business needs with security requirements can also present difficulties. Building strong relationships and fostering ongoing dialogue are key to overcoming these challenges and ensuring successful risk management across the organization.
What are the most commonly searched types of It Risk jobs in Illinois? The most popular types of It Risk jobs in Illinois are:
Infographic showing various It Risk job openings in Illinois as of July 2026, with employment types broken down into 1% As Needed, 81% Full Time, 15% Part Time, and 3% Contract. Highlights an 94% Physical, 1% Hybrid, and 5% Remote job distribution, with an average salary of $61,145 per year, or $29.4 per hour.
Senior IT Risk and Compliance Analyst

Senior IT Risk and Compliance Analyst

NORC at the University of Chicago

Chicago, IL • Hybrid

Other

Medical, Dental, Vision, Life, Retirement, PTO

Posted 11 days ago


Job description

Senior IT Risk and Compliance Analyst

Apply now Job no: 503865 Work type: Regular Full-Time Location: Chicago - 300 E Randolph St Capability Area: IT DSS Security and Compliance

JOB SUMMARY:

NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations.  

The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The team is responsible for specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. The team develops and implements tools and processes to measure and track IT risk and compliance metrics. The team provides guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. The team conducts risk assessments and security impact analyses of information systems. 

Location: This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office. 

Qualified applicants must be U.S. citizens due to security clearance requirements for projects. 

DEPARTMENT: Digital Services & Solutions Security & Compliance

NORC's Digital Services & Solutions group provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research. 

RESPONSIBILITIES:
  • Work with the team in specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security. requirements of clients (principally Government) and corporate standards for data and systems integrity. 

  • Help develop and implement tools and processes to measure and track IT risk and compliance metrics. 

  • Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. 

  • Assist the team with conducting risk assessments and security impact analyses of information systems. 

REQUIRED SKILLS:

Education and Certifications: 

  • Bachelor's degree in computer science, Information Technology, or a related field (or equivalent years of experience). 

  • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certifications. 

General Experience: 

  • Minimum of 4 years of experience in information security roles, emphasizing security architecture and engineering solutions. 

  • Proven experience in performing network penetration testing, vulnerability scans, and configuration analysis. 

  • Experience overseeing project penetration testing activities. 

  • Preferred experience as an ISO for federal programs and projects. 

  • Experience coordinating communications across vendors, internal stakeholders, and program owners. 

  • Experience using CSAM 

ATO Experience: 

  • In-depth knowledge and experience guiding information systems through the Authorization to Operate (ATO) process:  

  • Proficient in navigating the complex landscape of ATO processes, demonstrating a successful track record in obtaining authorizations for information systems 

  • Extensive knowledge of the steps involved in the ATO process, ensuring compliance with government regulations and standards, including NIST Special Publications and FISMA 

  • A proven ability to streamline and expedite ATO timelines without compromising security standards, showcasing efficiency in documentation and regulatory adherence 

  • Expertise in developing and presenting comprehensive ATO documentation, including System Security Plans, to accrediting authorities and other relevant stakeholders 

  • Demonstrated skill in addressing and mitigating security risks identified during the ATO process, ensuring the secure operation of systems in various environments 

  • Exceptional communication skills to articulate ATO requirements, progress, and challenges to both technical and non-technical stakeholders, fostering collaboration and understanding. 

Risk Management Experience: 

  • Demonstrated experience in developing threat models and security risk assessments. 

  • Ability to recommend mitigations and countermeasures to address identified risks, vulnerabilities, and threats. 

  • Experience conducting incident response across vendors, internal stakeholders, and program owners, including implementing, and coordinating the response plan, overseeing the technical response, and coordinating with legal, technical, and communications teams. 

Compliance and Documentation: 

  • Thorough understanding and experience with government regulations and standards related to information security. 

  • In-depth knowledge of security compliance checks and the ability to perform audit activities. 

  • Experience in reviewing and validating security documentation, including system security requirements definition and System Security Plans. 

  • Experience conducting penetration testing across multiple vendors, contractors, and consultants that meet stringent client requirements. 

Communication and Guidance: 

  • Strong communication skills with the ability to guide NORC customers on information security policies and regulations. 

  • Ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.

SALARY AND BENEFITS:

The pay range for this position is $97,000 - $120,000. 

This position is classified as regular. Regular staff are eligible for NORC's comprehensive benefits program. Benefits include, but are not limited to:  

  • Generously subsidized health insurance, effective on the first day of employment 

  • Dental and vision insurance  

  • A defined contribution retirement program, along with a separate voluntary 403(b) retirement program  

  • Group life insurance, long-term and short-term disability insurance 

  • Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP). 

NORC is committed to equity and transparency in its pay practices. We publish salary ranges and benefit information for every job. The listed hiring range reflects what we, in good faith, expect to pay at the time of posting, though actual compensation may vary and may be adjusted over time. A candidate's placement within the range depends on factors such as competencies, education, qualifications, experience, skills, performance, and organizational needs.

WHAT WE DO:

NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.

WHO WE ARE:

For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which we're known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.

EEO STATEMENT: 

NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics. #LI-MS1

Advertised: June 26, 2026 Central Daylight Time Applications close:

Back to search results Apply now Refer a friend

Whatsapp Facebook LinkedIn Email App