Senior Analyst, Cybersecurity Governance Risk & Compliance

Chicago, IL 60606

Job Type: Risk | Job Number: 7624 | Salary Range: $90,000-$130,000

Job Description


The Senior Analyst for Cybersecurity Governance, Risk & Compliance will oversee the completion of compliance-related requests from clients aimed at evaluating security policies and procedures. This role involves responding to inquiries regarding security controls, processes, and procedures for systems and applications managed by the organization, as well as supporting Third Party Risk Management (TPRM) and Governance & Risk functions in conducting vendor due diligence (initial assessments, reassessments, and ongoing monitoring). The Senior Analyst will also contribute to broader Governance, Risk, and Compliance (GRC) efforts. This position requires excellent communication skills, initiative, strong attention to detail, and the ability to quickly learn new concepts.

Key responsibilities include:
  • Review and gain a thorough understanding of the organization's IT Risk Management (ITRM) framework, including associated policies, standards, procedures, and processes.
  • Develop a solid understanding of the organization's control structure to help create or revise standard responses for client questionnaires (e.g., SIG).
  • Respond to compliance-related requests and web-based sharing, referencing relevant evidence or documentation.
  • Complete external security assessments, support remediation efforts, and track progress of assessment queues.
  • Work with external assessors and internal experts to resolve compliance inquiries and share security artifacts.
  • Assist in refining the process for completing information security control assessments.
  • Support the measurement and reporting of the Information Security Program’s effectiveness by analyzing security control measures.
  • Track the status of findings from information security assessments, Governance, Risk & Compliance, and TPRM due diligence/reassessment, and associated remediation efforts.
  • Contribute to the development of GRC-related processes, procedures, and documentation.
  • Collaborate with the CISO, senior managers, and other stakeholders to report on the current information security program and ongoing projects addressing security risks and compliance.
  • Manage competing deadlines and handle multiple external inquiries, demonstrating organizational skills and attention to detail.
  • Participate in efforts to evolve and streamline GRC solutions, processes, and procedures.
  • Work with Information Security, Privacy, and GRC management, and internal subject matter experts to help coordinate, track, and report on GRC team goals and strategies.
  • Perform additional duties as needed.

The Senior Analyst is expected to demonstrate the following skills and qualifications:
  • Strong understanding of various risk management frameworks and standards, including CSC, NIST, ISO, and COBIT.
  • Experience with the NIST Cybersecurity Framework and auditing controls within NIST SP800-171 and NIST SP800-53A.
  • Experience collaborating with internal and external auditing firms.
  • In-depth knowledge of information security concepts and technologies.
  • Proficiency with MS Outlook, Word, Excel, Visio, and PowerPoint.
  • Excellent communication skills with the ability to interact with multiple teams, including administrative and legal departments.
  • Experience in analyzing IT and security control requirements and understanding associated technological processes.
  • Strong knowledge of due diligence and compliance documentation such as SOC II Type II, ISO 27001 Certification, SIG Questionnaires, Certificates of Insurance, Pen Test reports, etc.

Required qualifications:
  • A Bachelor’s degree.
  • At least 5 years of combined experience in information technology and information security.

The Phoenix Group Advisors is an equal opportunity employer. We are committed to creating a diverse and inclusive workplace and prohibit discrimination and harassment of any kind based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. We strive to attract talented individuals from all backgrounds and provide equal employment opportunities to all employees and applicants for employment.

Job Requirements

governance, risk, compliance, cybersecurity

Meet Your Recruiter

Matthew Francella
Recruitment Consultant

About Chicago, IL

Unlock your potential in the bustling job market around Chicago, Illinois! Dive into a world of endless possibilities and growth opportunities in the Windy City and its vibrant suburbs. From iconic landmarks like the Willis Tower and Navy Pier to the world-class cuisine of deep-dish pizza and Chicago-style hot dogs, this area is rich in culture and charm. Immerse yourself in the thriving arts scene at the Art Institute of Chicago or enjoy a night out at the renowned Second City comedy club. With top-notch theaters, professional sports teams like the Cubs and the Bears, and lush green spaces like Millennium Park, Chicago offers an unbeatable lifestyle for career-driven individuals. Explore our job listings today and discover why Chicago is the perfect place to kickstart your career journey!
