This job was posted by https://illinoisjoblink.illinois.gov : For more
information, please see:
https://illinoisjoblink.illinois.gov/jobs/13272040
Job Description:
**Job Title: Governance, Risk & Compliance (GRC) Security Analyst
(Hybrid)**
Department/Unit: Center for Translational Data Science (CTDS)
Reports To: GRC Lead (with moderate direction)
Work Location: 5841 S Maryland Avenue, Chicago, IL 60637
Work Schedule: 40 hours/week | 8:30 AM - 5:00 PM (30-minute
lunch)
Hybrid Schedule: Onsite Tuesdays / Remote Monday, Wednesday-Friday
Start Date: ASAP
End Date: 7/30/2027 (term appointment as currently structured)
About the Center for Translational Data Science (CTDS)
CTDS is seeking an experienced, organized, and self-driven
professional who is passionate about **Governance, Risk, and
Compliance (GRC)**, cybersecurity, and operational excellence. This
role supports secure research collaborations by strengthening
security practices across hybrid environments and contributing to a
culture of risk awareness and continuous improvement.
You'll join a team that values thoughtful security guidance, clear
communication, and staying current on emerging threats and evolving
compliance expectations. The ideal candidate is a well-rounded
practitioner who can move beyond administrative tasks to provide
meaningful security insight and support cross-functional teams.
Role Summary
As a GRC Security Analyst, you will coordinate and support
security governance, risk, and compliance initiatives under the
guidance of the GRC Lead. You will help maintain compliance
documentation and evidence, support audits and remediation
activities, and work with engineers, researchers, and administrators
to implement controls and strengthen CTDS security posture.
With moderate direction, you will perform procedures necessary to
help ensure information system safety, monitor activity and
potential threats, assist with risk assessments, and support changes
to security processes and systems.
Key Responsibilities
In this role, you will:
- Coordinate and support GRC projects and controls implementation
  under the guidance of the GRC Lead
- Prepare, track, and maintain project documentation, compliance
  artifacts, and audit evidence
- Facilitate internal and external audits, including evidence
  collection and remediation support (e.g., POA&Ms)
- Collaborate closely with **engineers, researchers, and
  administrators** to promote a culture of compliance
- Communicate security and compliance requirements in **clear,
  accessible language** and explain policies effectively
- Assist with risk register maintenance, basic threat modeling, and
  risk assessments across hybrid environments
- Monitor for fundamental risks (e.g., phishing attempts) and
  support proper handling of sensitive data (PII, PHI, CUI)
- Support compliance-aligned practices under guidelines and standards
  such as HIPAA, GDPR, FISMA, and NIST
- Support review and documentation of significant system changes,
  ensuring required compliance steps and approvals are completed prior
  to rollout
- Stay current on evolving federal and data privacy regulations and
  contribute new insights to ongoing compliance efforts
- Perform other related duties as needed
Minimum Qualifications
Education
Bachelor's degree from an accredited college or university in a
related field such as **Business, Administration, Computer Science,
Information Security**, or similar
Experience
- 3-5 years of experience in one or more of the following:
  - Information security
  - Risk analysis
  - Auditing
  - Compliance
  - Governance
- Practical experience in **highly regulated and/or federal
  environments**, such as:
  - FedRAMP, FISMA, CMMC
- Basic scripting/automation experience (Python or similar) *or
  willingness to learn*
- Knowledge of audit and risk management methodologies such as:
  - COBIT, NIST 800-37 / 800-30, FAIR
- Experience with tools and solutions used for:
  - GRC, IAM, and compliance automation/documentation
  - Information security tools and solutions
Preferred Certifications (Desired)