NORC at the University of Chicago is seeking an IT Risk and Security Compliance Analyst with extensive experience managing and optimizing ServiceNow GRC to support and enhance our security compliance program. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research. Lead the management, configuration, and optimization of ServiceNow GRC, ensuring alignment with security frameworks and regulatory requirements. Security Certifications (one or more preferred): CISA, CISM, CRISC, CISSP, or SSCP. Experience in FedRAMP and FISMA, including security package development and control validation.
Manage and maintain firewalls (Cisco ASA, Palo Alto, or equivalent), intrusion detection/prevention systems (IDS/IPS), and security logs to ensure compliance and security integrity. Perform penetration testing, vulnerability scanning, and remediation efforts to identify and address security weaknesses. An active DOE Q clearance or equivalent is required for consideration. Knowledge of cyber threat intelligence, risk assessments, and compliance frameworks (NIST, RMF, FISMA, FedRAMP, etc.). Additional certifications such as CISSP, CEH, CISM, or Security+ (Preferred).