Senior IT Risk and Compliance Analyst Apply now Job no: 503864 Work type: Regular Full-Time ... Risk Management Experience: * Demonstrated experience in developing threat models and security risk ...
Senior IT Risk and Compliance Analyst Apply now Job no: 503864 Work type: Regular Full-Time ... Risk Management Experience: * Demonstrated experience in developing threat models and security risk ...
Manage the full lifecycle of technology and cyber risk assessments for Commercial Bank; drive the process from initial risk identification through to tactical implementation, remediation tracking ...
Manage the full lifecycle of technology and cyber risk assessments for Commercial Bank; drive the process from initial risk identification through to tactical implementation, remediation tracking ...
Manage the full lifecycle of technology and cyber risk assessments for Commercial Bank; drive the process from initial risk identification through to tactical implementation, remediation tracking ...
Manage the full lifecycle of technology and cyber risk assessments for Commercial Bank; drive the process from initial risk identification through to tactical implementation, remediation tracking ...
... T risk management (ITRM) initiatives to increase the transparency of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk Operating Committee (ROC), and support ...
... T risk management (ITRM) initiatives to increase the transparency of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk Operating Committee (ROC), and support ...
Direct IT risk assessments, manage IT risk register, supplier security evaluations, penetration testing and assist with audits across operations * Partner with Legal, Privacy, Compliance, Information ...
Direct IT risk assessments, manage IT risk register, supplier security evaluations, penetration testing and assist with audits across operations * Partner with Legal, Privacy, Compliance, Information ...
Technical Risk Analyst
Vienna, VA ยท On-site
The ideal candidate will have experience working with IT security controls, risk management practices, compliance frameworks, or audit activities and possess strong analytical and documentation ...
Technical Risk Analyst
Vienna, VA ยท On-site
The ideal candidate will have experience working with IT security controls, risk management practices, compliance frameworks, or audit activities and possess strong analytical and documentation ...
... T risk management (ITRM) initiatives to increase the transparency of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk Operating Committee (ROC), and support ...
... T risk management (ITRM) initiatives to increase the transparency of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk Operating Committee (ROC), and support ...
Technology Operations Risk Senior
Mclean, VA ยท On-site
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
Technology Operations Risk Senior
Mclean, VA ยท On-site
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS ... Risk Management Experience: Demonstrated experience in developing threat models and security risk ...
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS ... Risk Management Experience: Demonstrated experience in developing threat models and security risk ...
Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 TDRM professionals are trusted experts who oversee ~14,000 developers at Capital One. We raise the ...
Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 TDRM professionals are trusted experts who oversee ~14,000 developers at Capital One. We raise the ...
Risk Manager, Endpoint Security
Mclean, VA ยท On-site
Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 TDRM professionals are trusted experts who oversee ~14,000 developers at Capital One. We raise the ...
Risk Manager, Endpoint Security
Mclean, VA ยท On-site
Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 TDRM professionals are trusted experts who oversee ~14,000 developers at Capital One. We raise the ...
Technology Operations Risk Senior
Mclean, VA ยท On-site
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
Technology Operations Risk Senior
Mclean, VA ยท On-site
The team works closely with application, platform, and operations teams to support proactive risk identification, issue management, technology resilience, and operational readiness. The team also ...
Risk Manager, Endpoint Security
Mclean, VA ยท On-site
Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 TDRM professionals are trusted experts who oversee ~14,000 developers at Capital One. We raise the ...
Risk Manager, Endpoint Security
Mclean, VA ยท On-site
Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 TDRM professionals are trusted experts who oversee ~14,000 developers at Capital One. We raise the ...
Technical Risk Analyst
Vienna, VA ยท On-site
The ideal candidate will have experience working with IT security controls, risk management practices, compliance frameworks, or audit activities and possess strong analytical and documentation ...
Technical Risk Analyst
Vienna, VA ยท On-site
The ideal candidate will have experience working with IT security controls, risk management practices, compliance frameworks, or audit activities and possess strong analytical and documentation ...
IT Audit - Staff
Alexandria, VA ยท On-site
$65K - $80K/yr
IT Audit Staff Location: Alexandria, VA (on-site) Level: Staff Clearance: Secret *Candidates must ... Conduct research related to IT control frameworks, risk management standards, and security ...
Quick apply
IT Audit - Staff
Alexandria, VA ยท On-site
$65K - $80K/yr
IT Audit Staff Location: Alexandria, VA (on-site) Level: Staff Clearance: Secret *Candidates must ... Conduct research related to IT control frameworks, risk management standards, and security ...
You will leverage your analytical and risk management expertise to drive meaningful outcomes, influence corporate policies and standards, and ensure the resilience of our enterprise technology.
You will leverage your analytical and risk management expertise to drive meaningful outcomes, influence corporate policies and standards, and ensure the resilience of our enterprise technology.
Sr. Manager, Tech & Cyber Risk
Mclean, VA ยท On-site
You will leverage your analytical and risk management expertise to drive meaningful outcomes, influence corporate policies and standards, and ensure the resilience of our enterprise technology.
Sr. Manager, Tech & Cyber Risk
Mclean, VA ยท On-site
You will leverage your analytical and risk management expertise to drive meaningful outcomes, influence corporate policies and standards, and ensure the resilience of our enterprise technology.
IT Risk and Compliance Analyst
Washington, DC ยท On-site
$90K - $115K/yr
Reporting Relationships: * IT Risk and Compliance Manager Key Contacts: * Works closely with the Legal and Business Unit stakeholders. * This role will work with the clients in response to security ...
IT Risk and Compliance Analyst
Washington, DC ยท On-site
$90K - $115K/yr
Reporting Relationships: * IT Risk and Compliance Manager Key Contacts: * Works closely with the Legal and Business Unit stakeholders. * This role will work with the clients in response to security ...
Risk Management Analyst
Washington, DC ยท On-site +1
Bachelor's Degree in Business Administration, Project Management, Information Technology, Public Administration, or a related field. * Minimum of 5 years of experience in risk management, program ...
Risk Management Analyst
Washington, DC ยท On-site +1
Bachelor's Degree in Business Administration, Project Management, Information Technology, Public Administration, or a related field. * Minimum of 5 years of experience in risk management, program ...
Risk Management Analyst
Washington, DC ยท Remote
Bachelor's Degree in Business Administration, Project Management, Information Technology, Public Administration, or a related field. * Minimum of 5 years of experience in risk management, program ...
Quick apply
Risk Management Analyst
Washington, DC ยท Remote
Bachelor's Degree in Business Administration, Project Management, Information Technology, Public Administration, or a related field. * Minimum of 5 years of experience in risk management, program ...
Technology Risk Management information
See Washington salary details
$49.3K - $62K
8% of jobs
$62K - $74.8K
14% of jobs
$80.7K is the 25th percentile. Wages below this are outliers.
$74.8K - $87.6K
6% of jobs
$87.6K - $100.3K
8% of jobs
$100.3K - $113.1K
11% of jobs
The median wage is $115.8K / yr.
$113.1K - $125.9K
13% of jobs
$125.9K - $138.6K
11% of jobs
$142.5K is the 75th percentile. Wages above this are outliers.
$138.6K - $151.4K
15% of jobs
$151.4K - $164.2K
8% of jobs
$164.2K - $176.9K
4% of jobs
$176.9K - $189.7K
2% of jobs
$49.3K
$117.5K
$189.7K
How much do technology risk management jobs pay per year?
What is a Technology Risk Management job?
A Technology Risk Management job involves identifying, assessing, and mitigating risks related to an organization's technology infrastructure, systems, and data. Professionals in this field develop policies, ensure compliance with regulatory requirements, and implement security controls to protect against cyber threats and operational failures. They collaborate with IT, security, and business teams to address vulnerabilities and enhance resilience. The role requires knowledge of risk assessment frameworks, regulatory standards, and emerging technology risks.
What are the key skills and qualifications needed to thrive in the Technology Risk Management position, and why are they important?
To excel in Technology Risk Management, you need a background in information security, risk assessment, and regulatory compliance, often supported by a relevant degree and experience in IT or cybersecurity. Familiarity with risk management frameworks (such as NIST or ISO 27001), governance, risk and compliance (GRC) tools, and certifications like CISA, CISSP, or CRISC are highly valued. Strong analytical thinking, communication skills, and the ability to influence and collaborate across departments are vital soft skills for this role. These competencies are crucial to effectively identify, mitigate, and communicate technology risks, helping organizations manage threats while ensuring business continuity and compliance.
What are the typical daily responsibilities for someone working in Technology Risk Management?
Professionals in Technology Risk Management are typically responsible for identifying and assessing potential technology-related risks, developing policies and controls to mitigate those risks, and monitoring compliance with internal and external regulations. Their day-to-day activities often include conducting risk assessments, coordinating with IT teams on security initiatives, preparing reports for senior management, and responding to incidents or audit findings. Collaboration with various departments such as IT, compliance, and business units is frequent to ensure comprehensive risk oversight. This role requires staying up-to-date on emerging threats and evolving regulatory requirements to proactively manage the organization's risk posture.

Other
Medical, Dental, Vision, Life, Retirement, PTO
Posted 9 days ago
Job description
Apply now Job no: 503864 Work type: Regular Full-Time Location: Washington, DC Capability Area: IT DSS Security and Compliance
NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations.ย ย
The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The team is responsible for specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. The team develops and implements tools and processes to measure and track IT risk and compliance metrics. The team provides guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. The team conducts risk assessments and security impact analyses of information systems.ย
Location: This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office.ย Remote candidates may also be considered.
Qualified applicants must be U.S. citizens due to security clearance requirements for projects.ย
NORC's Digital Services & Solutions group provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research.ย
Work with the team in specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security. requirements of clients (principally Government) and corporate standards for data and systems integrity.ย
Help develop and implement tools and processes to measure and track IT risk and compliance metrics.ย
Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting.ย
Assist the team with conducting risk assessments and security impact analyses of information systems.ย
Education and Certifications:ย
Bachelor's degree in computer science, Information Technology, or a related field (or equivalent years of experience).ย
Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certifications.ย
General Experience:ย
Minimum of 4 years of experience in information security roles, emphasizing security architecture and engineering solutions.ย
Proven experience in performing network penetration testing, vulnerability scans, and configuration analysis.ย
Experience overseeing project penetration testing activities.ย
Preferred experience as an ISO for federal programs and projects.ย
Experience coordinating communications across vendors, internal stakeholders, and program owners.ย
Experience using CSAMย
ATO Experience:ย
In-depth knowledge and experience guiding information systems through the Authorization to Operate (ATO) process:ย ย
Proficient in navigating the complex landscape of ATO processes, demonstrating a successful track record in obtaining authorizations for information systemsย
Extensive knowledge of the steps involved in the ATO process, ensuring compliance with government regulations and standards, including NIST Special Publications and FISMAย
A proven ability to streamline and expedite ATO timelines without compromising security standards, showcasing efficiency in documentation and regulatory adherenceย
Expertise in developing and presenting comprehensive ATO documentation, including System Security Plans, to accrediting authorities and other relevant stakeholdersย
Demonstrated skill in addressing and mitigating security risks identified during the ATO process, ensuring the secure operation of systems in various environmentsย
Exceptional communication skills to articulate ATO requirements, progress, and challenges to both technical and non-technical stakeholders, fostering collaboration and understanding.ย
Risk Management Experience:ย
Demonstrated experience in developing threat models and security risk assessments.ย
Ability to recommend mitigations and countermeasures to address identified risks, vulnerabilities, and threats.ย
Experience conducting incident response across vendors, internal stakeholders, and program owners, including implementing, and coordinating the response plan, overseeing the technical response, and coordinating with legal, technical, and communications teams.ย
Compliance and Documentation:ย
Thorough understanding and experience with government regulations and standards related to information security.ย
In-depth knowledge of security compliance checks and the ability to perform audit activities.ย
Experience in reviewing and validating security documentation, including system security requirements definition and System Security Plans.ย
Experience conducting penetration testing across multiple vendors, contractors, and consultants that meet stringent client requirements.ย
Communication and Guidance:ย
Strong communication skills with the ability to guide NORC customers on information security policies and regulations.ย
Ability to effectively communicate complex security concepts to both technical and non-technical stakeholders.
The pay range for this position is $97,000 - $120,000.ย
This position is classified as regular. Regular staff are eligible for NORC's comprehensive benefits program. Benefits include, but are not limited to:ย ย
Generously subsidized health insurance, effective on the first day of employmentย
Dental and vision insuranceย ย
A defined contribution retirement program, along with a separate voluntary 403(b) retirement programย ย
Group life insurance, long-term and short-term disability insuranceย
Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).ย
NORC is committed to equity and transparency in its pay practices. We publish salary ranges and benefit information for every job. The listed hiring range reflects what we, in good faith, expect to pay at the time of posting, though actual compensation may vary and may be adjusted over time. A candidate's placement within the range depends on factors such as competencies, education, qualifications, experience, skills, performance, and organizational needs.
NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge.
WHO WE ARE:For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which we're known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale.
EEO STATEMENT:ยNORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics. #LI-MS1
Advertised: June 26, 2026 Eastern Daylight Time Applications close:
Back to search results Apply now Refer a friend
About NORC at the University of Chicago
Sourced by ZipRecruiter
Industry
Scientific research and development services
Company size
1,001 - 5,000 Employees
Headquarters location
Chicago, IL, US
Year founded
1941