
Information Security Analyst, Governance, Risk, and Compliance

Job in Chicago, Cook County, Illinois, 60290, USA
Listing for: Apex Systems
Full Time position
Listed on 2026-03-11
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below

Job Title

Governance, Risk & Compliance (GRC) Security Analyst (Hybrid)

Job Information
  • Department/Unit: Center for Translational Data Science (CTDS)
  • Reports To: GRC Lead (with moderate direction)
  • Work Location: 5841 S Maryland Avenue, Chicago, IL 60637
  • Work Schedule: 40 hours/week | 8:30 AM – 5:00 PM (30‑minute lunch)
  • Hybrid Schedule: Onsite Tuesdays / Remote Monday, Wednesday–Friday
  • Start Date: ASAP
  • End Date: 7/30/2027 (term appointment as currently structured)
About The Center for Translational Data Science (CTDS)

CTDS is seeking an experienced, organized, and self‑driven professional who is passionate about Governance, Risk, and Compliance (GRC), cybersecurity, and operational excellence. This role supports secure research collaborations by strengthening security practices across hybrid environments and contributing to a culture of risk awareness and continuous improvement.

You’ll join a team that values thoughtful security guidance, clear communication, and staying current on emerging threats and evolving compliance expectations. The ideal candidate is a well‑rounded practitioner who can move beyond administrative tasks to provide meaningful security insight and support cross‑functional teams.

Role Summary

As a GRC Security Analyst, you will coordinate and support security governance, risk, and compliance initiatives under the guidance of the GRC Lead. You will help maintain compliance documentation and evidence, support audits and remediation activities, and work with engineers, researchers, and administrators to implement controls and strengthen CTDS security posture.

With moderate direction, you will perform procedures necessary to help ensure information system safety, monitor activity and potential threats, assist with risk assessments, and support changes to security processes and systems.

Key Responsibilities
  • Coordinate and support GRC projects and controls implementation under the guidance of the GRC Lead
  • Prepare, track, and maintain project documentation, compliance artifacts, and audit evidence
  • Facilitate internal and external audits, including evidence collection and remediation support (e.g., POA&Ms)
  • Collaborate closely with engineers, researchers, and administrators to promote a culture of compliance
  • Communicate security and compliance requirements in clear, accessible language and explain policies effectively
  • Assist with risk register maintenance, basic threat modeling, and risk assessments across hybrid environments
  • Monitor for fundamental risks (e.g., phishing attempts) and support proper handling of sensitive data (PII, PHI, CUI)
  • Support compliance‑aligned practices under guidelines and standards such as HIPAA, GDPR, FISMA, and NIST
  • Support review and documentation of significant system changes, ensuring required compliance steps and approvals are completed prior to rollout
  • Stay current on evolving federal and data privacy regulations and contribute new insights to ongoing compliance efforts
  • Perform other related duties as needed
Minimum Qualifications
Education
  • Bachelor’s degree from an accredited college or university in a related field such as Business, Administration, Computer Science, Information Security, or similar
Experience
  • 3–5 years of experience in one or more of the following:
    • Information security
    • Risk analysis
    • Auditing
    • Compliance
    • Governance
  • Practical experience in highly regulated and/or federal environments, such as FedRAMP, FISMA, CMMC
  • Basic scripting/automation experience (Python or similar) or willingness to learn
Knowledge
  • Audit and risk management methodologies such as COBIT, NIST 800‑37 / 800‑30, FAIR
  • Tools and solutions used for GRC, IAM, and compliance automation/documentation; information security tools and solutions
Preferred Certifications (Desired)
  • CompTIA Security+
  • AWS or GCP Cloud Security certifications
  • CISA, CISM, or CISSP Associate
Unit‑Specific Competencies (Skills & Attributes)
  • Practical understanding of core cybersecurity concepts (e.g., access control, authentication, threat vectors)
  • Familiarity with federal cybersecurity frameworks and requirements: FedRAMP, FISMA, NIST
  • Knowledge of hybrid IT systems, networking, and cloud environments (e.g., AWS, Google Cloud)
  • Strong organizational…