
    Governance, Risk, and Compliance Lead - Chicago, United States - DShield


    1 week ago

    Description
    Globus is a sustainable, non-profit unit within The University of Chicago delivering solutions to the research community worldwide.

    Globus develops and provides critical services that support scientific research for governmental, academic, and commercial organizations in a wide range of disciplines including life sciences, physics, and astronomy.

    We develop and operate commercial-quality, cloud-based software application and platform services used by tens of thousands of researchers to manage their large (and growing) data management challenges.

    We have offices located at 401 North Michigan Avenue in the heart of downtown Chicago and remote employees who work-from-home.

    Globus, together with Globus Labs, a research group within the University of Chicago, and part of the Data Science and Learning Division at Argonne National Labs, develops and deploys cutting-edge technologies to solve new challenges facing the scientific community and enable breakthrough scientific discoveries.

    Job Summary


    As the Governance, Risk, and Compliance Lead for Globus, you will spearhead the Unit's compliance endeavors, ensuring alignment with essential regulatory standards for both our products and operations.

    Globus offers a robust suite of capabilities for data and compute management, along with automation, serving researchers worldwide.

    Our offerings come in the form of a hosted service (SaaS) and platform (PaaS), utilizing a hybrid architecture, with management services hosted on Amazon Web Services (AWS).

    Globus capabilities are offered for use with protected data and adhere to NIST controls and the HIPAA Security Rule.

    In your capacity, you'll oversee the compliance program to uphold these standards, crafting and leading initiatives aimed at enhancing operational efficiency as we expand.

    Your focus will be on ensuring that we consistently meet our customers' compliance requirements while scaling our operations effectively.

    As the resident expert within the team, you'll manage security assessments, monitor compliance status, provide procedural guidance, implement security controls, and drive process improvement and maturity initiatives.


    Beyond sustaining our current compliance framework, your role will involve leveraging your expertise and insights into the Globus customer base to advocate for and implement additional compliance standards in response to customer demand and market trends.

    This will entail conducting thorough gap analyses and collaborating with third-party vendors as necessary.

    If you thrive in collaborative, innovative, mission-oriented environments, consider joining Globus, where your skills and passion for compliance can make a meaningful impact on research worldwide.
    Responsibilities


    Leads implementation and maintenance of NIST risk management framework and controls to manage security and privacy risks for the Unit.

    Develops compliance strategy, and leads and executes various tasks based on those strategies, including development and maintenance of policies and procedures, system security plan, plans of actions and milestones.

    Reviews technical procedures developed by the operations team, and ensures compliance with policies.

    Supports the operations team in managing security incidents, generating reports, and serving as the primary liaison for communication with both internal and external stakeholders, in adherence to established policies.

    Serves as compliance lead on internal and external assessments and audits.
    Assists customers with security risk assessment of Globus products, and owns all customer communication on security and compliance.
    Collaborates with the procurement team to review contract terms and data protection agreements pertaining to product and operational security. Ensures that contractual obligations are in line with the current operational standards of Globus.

    Serves as a mentor to staff providing compliance and security consulting and awareness efforts, including engaging with the product team to analyze security of applications to provide risk recommendations.

    Uses a deep understanding of IT expertise to develop and implement security and compliance policies, guidelines, and safe practices for the unit.

    Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.
    Performs other related work as needed.

    Minimum Qualifications


    Education:
    Minimum requirements include a college or university degree in a related field.

    Work Experience:
    Minimum requirements include knowledge and skills developed through 7+ years of work experience in a related job discipline.

    Certifications:
    Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium, SANS GIAC Certification - Global Information Assurance Certification


    Preferred Qualifications


    Experience:
    Implementation of security or compliance frameworks such as HIPAA, NIST SP 800-53r5, NIST SP , or similar.
    Maintaining security and compliance for production applications within cloud-based environments, with a preference for Amazon Web Services.
    Proficiency in cybersecurity and compliance within higher education and/or government sectors.
    Demonstrated experience in conducting information security audits or risk assessments.
    Experience as a security and/or network engineer and/or in system administration.

    Licenses and Certifications:
    Relevant security certifications such as CISSP, CISM, CISA, CRISC, or compliance certifications, and/or SANS GIAC certification for technical knowledge (e.g. GWAPT, GPCS, GWEB).

    Technical Skills or Knowledge:
    Proven track record of managing Governance, Risk and Compliance programs and supporting various compliance frameworks, including NIST RMF, SOC 1/SOC 2, HITRUST, HIPAA, and/or optionally FedRAMP.
    Strong knowledge of information security risk management frameworks, such as NIST RMF, and compliance practices.
    Demonstrated proficiency in administering intricate security controls and configurations for applications.
    Well-versed in public cloud security and compliance best practices, particularly in supporting compliance for applications hosted on cloud platforms.
    Expertise in AWS security controls and compliance resources.
    Some familiarity with Governance Risk and Compliance tools and suites (e.g. Navex, LogicGate).
    Preferred Competencies

    Strong crisis management and leadership ability.
    Work collaboratively with cross-functional teams, especially in an engineering and product environment, and build consensus across teams.
    Enjoys solving complex and hard problems and can turn incomplete, conflicting, or ambiguous inputs into actionable plans.
    Excellent verbal and written communication skills.
    Strong analytical and problem solving skills.
    Excellent organizational skills and constant attention to detail.
    Work independently, and balance competing priorities.
    Weigh business needs against security concerns.
    Working Conditions

    Occasional evening or weekend hours.
    Option available for hybrid work with occasional required attendance at in-person meetings.
    Application Documents

    Resume/CV (required)


    When applying, the document(s) MUST be uploaded via the My Experience page, in the section titled Application Documents of the application.

    Job Family

    Information Technology

    Role Impact

    Individual Contributor

    FLSA Status

    Exempt

    Pay Frequency

    Monthly

    Scheduled Weekly Hours

    37.5

    Benefits Eligible

    Yes

    Drug Test Required

    No

    Health Screen Required

    No

    Motor Vehicle Record Inquiry Required

    No

    Posting Statement


    The University of Chicago is an Affirmative Action/Equal Opportunity/Disabled/Veterans Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender, gender identity, national or ethnic origin, age, status as an individual with a disability, military or veteran status, genetic information, or other protected classes under the law.

    For additional information please see the University's Notice of Nondiscrimination.


    Staff Job seekers in need of a reasonable accommodation to complete the application process should call or submit a request via Applicant Inquiry Form.


    We seek a diverse pool of applicants who wish to join an academic community that places the highest value on rigorous inquiry and encourages a diversity of perspectives, experiences, groups of individuals, and ideas to inform and stimulate intellectual challenge, engagement, and exchange.

    All offers of employment are contingent upon a background check that includes a review of conviction history. A conviction does not automatically preclude University employment.

    Rather, the University considers conviction information on a case-by-case basis and assesses the nature of the offense, the circumstances surrounding it, the proximity in time of the conviction, and its relevance to the position.


    The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information.


    The Report can be accessed online at:
    Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E. 61st Street, Chicago, IL


