- Work
Certifications:Certified Information Systems Security Professional (CISSP)- International Information System Security Certification Consortium, SANS GIAC Certification
- Global Information Assurance Certification Preferred Qualifications
-
Technical Compliance Lead
1 week ago
Fastly Greendale, United StatesFastly, Inc. · Fastly's edge cloud platform delivers faster, safer, and more scalable sites and apps to customers. Elevate your edge CDN, video delivery, security, and more. · View company page · Fastly helps people stay better connected with the things they love. Fastly's edg ...
-
Director, Trust Risk
2 weeks ago
Autodesk Greendale, United StatesAs the Director of Trust Risk & Compliance you will strategize, build, operate, and mature a global Trust (Security, Privacy, Trusted AI, Resiliency) Risk & Compliance organization and lead cross-functional partnerships in maintaining commitments to Autodesk customers and employe ...
-
Senior Compliance and Risk Analyst
2 weeks ago
NextEra Energy , Inc. Greendale, United StatesFlorida Power & Light Company · is America's largest electric company, providing clean, affordable, and reliable electricity to more than 12 million people in Florida. We operate one of the cleanest power generation fleets in the U.S. and our reliability is among the best in the ...
-
Data Protection Consultant
1 week ago
NovaWorks Berlin, United StatesWe are currently seeking several lawyers for positions as consultants and senior consultants in the field of data protection for the datenschutz nord GmbH - a company of the DSN GROUP - based in Berlin. Depending on your place of residence, you will be assigned to one of our offi ...
-
Mechatronics Technician
1 week ago
Titan Innovations New Berlin, United StatesMechatronics Technician (m/f/d) Maintenance Due to our extensive experience in the German job market, renowned and future-oriented companies have trusted the personnel services of the expertum Group for 30 years. We bring together the ideas and wishes of excellent candidates with ...
-
Assistant Center Director
3 weeks ago
The Learning Experience - Corporate Childcare Centers Franklin, United StatesBenefits:401(k) · 401(k) matching · Competitive salary · Dental insurance · Employee discounts · Free food & snacks · Free uniforms · Health insurance · Opportunity for advancement · Paid time off · Training & development · Tuition assistance · Vision insurance · Wellness resourc ...
-
IT Security Associate Director
1 day ago
Wolters Kluwer Greendale, United StatesIT Security Associate Director - Compliance Lead · Wolters Kluwer · Wolters Kluwer is a global provider of professional information, software solutions, and services. · View company page · Wolters Kluwer Global Business Services (GBS) is designed to provide services to the bu ...
-
Compliance Officer, Park Avenue Securities
2 weeks ago
Guardian Llc Greendale, United StatesCompliance Officer, Park Avenue Securities · Guardian · We provide life insurance, disability insurance, dental insurance, and other benefits that help protect people and inspire their well-being. · View company page · The Chief Compliance Officer of Park Avenue Securities (P ...
-
Regulatory Compliance Engineer
4 weeks ago
Salt River Project Greendale, United StatesSalt River Project · Salt River Project has delivered low-cost, reliable power and water to Arizona for over 100 years. View plans, see outages, pay your bill, contact us and more. · View company page · Join us in building a better future for Arizona · SRP is one of the larges ...
-
Chief Compliance Officer
1 day ago
Gravie Greendale, United StatesHi, were Gravie, and we are building the health plan of the future. For the past few decades, the health insurance industry has evolved to serve the needs of employers, insurance companies, brokers, and (sometimes) doctors and hospitals. The needs of the consumer, however, have l ...
-
Security and Compliance Leader
4 days ago
Amazon Greendale, United States· Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa... · View company page · As the ...
-
Senior Director, Technology
1 day ago
TransUnion Greendale, United StatesSenior Director, Technology & Security Risk Management & Compliance · TransUnion's Job Applicant Privacy Notice · Personal Information We Collect · Your Privacy Choices · What We'll Bring: · At TransUnion we have a welcoming and energetic environment that encourages collaboratio ...
-
Senior Risk
1 week ago
Highmark Health Greendale, United StatesThis job works collaboratively to support of all risk and compliance assessment activities of Highmark Health across a broad range of frameworks including NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, etc. The incumbent will partner with the organizational risk and business pa ...
-
IT Cybersecurity Manager
2 weeks ago
Beacon Building Products Greendale, United StatesBeacon Building Products · Beacon Building Products (NASDAQ: BECN), is one of the largest distributors of commercial and residential roofing products, complementary construction, and building materials serving the entire United States and six Canadian provinces. · View company ...
-
Principal Security Engineer
3 weeks ago
Gemini, Inc. Greendale, United StatesGemini · Gemini makes crypto simple. Find, Trade and Buy over 80 coins including bitcoin on the best cryptocurrency platform. Start trading crypto here. · View company page · Gemini is a global crypto and Web3 platform founded by Tyler Winklevoss · and Cameron Winklevoss · i ...
-
Director of Information Security and IT
1 day ago
botkeeper Greendale, United StatesBotkeeper · See how 250+ Botkeeper firms are saving time & increasing profit with the only badass bookkeeping solution designed for badass accounting pros. · View company page · Ready for the future of accounting? Botkeeper provides automated bookkeeping support to Accounting ...
-
Senior Director, Technology
1 day ago
TransUnion Greendale, United StatesSenior Director, Technology & Security Risk Management & Compliance · TransUnion's Job Applicant Privacy Notice · Personal Information We Collect · Your Privacy Choices · What We'll Bring: · At TransUnion we have a welcoming and energetic environment that encourages collabor ...
-
Cybersecurity Incident Response Program Manager
3 weeks ago
UMB Bank Greendale, United StatesCybersecurity Incident Response Program Manager (Hybrid) · As part of UMB's Corporate Information Security and Privacy (CISP) team, the mission is to identify threats, vulnerabilities, and risks and to help protect the people, information, and services within the organization. C ...
-
SOC Analyst
1 week ago
VMware Greendale, United StatesThe End-User Computing Division (EUC) empowers employees to do their best work from anywhere, through smart, seamless, and secure experiences. · As digital workspaces continue to evolve, we are designing and engineering VMware Anywhere Workspace, a holistic platform built on our ...
-
Jam City Greendale, United StatesDirector, Information Security and Privacy · Jam City, Inc. · Jam City connects people around the world through great games. · View company page · As a leading mobile games developer, Jam City is looking to level up our talent. Were searching for innovators who consider thems ...
Governance, Risk, and Compliance Lead - Greendale, United States - University of Chicago
Description
University of Chicago
One of the world's leading research universities, the University of Chicago inspires scholars to pursue field-defining research, while providing a transformative education for students.
Department
Provost Globus
About the Department
Globus ) is a sustainable, non-profit unit within The University of Chicago delivering solutions to the research community worldwide.
Globus develops and provides critical services that support scientific research for governmental, academic, and commercial organizations in a wide range of disciplines including life sciences, physics, and astronomy.
We develop and operate commercial-quality, cloud -based software application and platform services used by 10s of thousands of researchers to manage their large–and growing–data management challenges.
We have offices located at 401 North Michigan Avenue in the heart of downtown Chicago and remote employees who work-from-home.
Globus, together with Globus Labs, a research group within the University of Chicago, and part of the Data Science and Learning Division at Argonne National Labs, develop and deploy cutting edge technologies to solve new challenges facing the scientific community and enable break-through scientific discoveries.
Job Summary
As the Governance, Risk, and Compliance Lead for Globus, you will spearhead the Unit's compliance endeavors, ensuring alignment with essential regulatory standards for both our products and operations.
Our offerings come in the form of a hosted service (SaaS) and platform (PaaS), utilizing a hybrid architecture, with management services hosted on Amazon Web Services (AWS).
Globus capabilities are offered for use with protected data and adhere to NIST controls and the HIPAA Security Rule.In your capacity, you'll oversee the compliance program to uphold these standards, crafting and leading initiatives aimed at enhancing operational efficiency as we expand.
Your focus will be on ensuring that we consistently meet our customers' compliance requirements while scaling our operations effectively.As the resident expert within the team, you'll manage security assessments, monitoring compliance status, providing procedural guidance, implementing security controls, and driving process improvement and maturity initiatives.
Beyond sustaining our current compliance framework, your role will involve leveraging your expertise and insights into the Globus customer base to advocate for and implement additional compliance standards in response to customer demand and market trends.
If you thrive in collaborative, innovative, mission-oriented environments, consider joining Globus where your skills and passion for compliance can make a meaningful impact on research worldwide
Responsibilities
Leads implementation and maintenance of NIST risk management framework and controls to manage security and privacy risks for the Unit.
Develops compliance strategy, and leads and executes various tasks based on those strategies, including development and maintenance of policies and procedures, system security plan, plans of actions and milestones.
Reviews technical procedures developed by the operations team, and ensure compliance with policies.Supports the operations team in managing security incidents, generating reports, and serving as the primary liaison for communication with both internal and external stakeholders, in adherence to established policies.
Serves as compliance lead on internal and external assessments and audits.Assists customers with security risk assessment of Globus products, and owns all customer communication on security and compliance.
Collaborates with the procurement team to review contract terms and data protection agreements pertaining to product and operational security. Ensures that contractual obligations are in line with the current operational standards of Globus.
Serves as a mentor to staff providing compliance and security consulting and awareness efforts, including engaging with the product team to analyze security of applications to provide risk recommendations.
Uses a deep understanding of IT expertise to develop and implement security and compliance policies, guidelines,and safe practices for the unit.
Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.Performs other related work as needed.
Minimum Qualifications
Education:
Minimum requirements include a college or university degree in related field.
-
Experience:
Minimum requirements include knowledge and skills developed through 7+ years of work experience in a related job discipline.
-
Experience:
Implementation of security or compliance frameworks such as HIPAA, NIST SP 800-53r5, NIST SP , or similar.
Maintaining security and compliance for production applications within cloud-based environments, with a preference for Amazon Web Services.
Proficiency in cybersecurity and compliance within higher education and/or government sectors.
Demonstrated experience in conducting information security audits or risk assessments.
Experience as security and/or network engineer and/or system administration.
Licenses and
Certifications:
Relevant security certifications such as CISSP, CISM, CISA, CRISC, or compliance certifications, and/or SANS GIAC certification for technical knowledge (e.g. GWAPT, GPCS, GWEB).
Technical Skills or Knowledge:
Proven track record of managing Governance, Risk and Compliance programs and supporting various compliance frameworks, including NIST RMF, SOC 1/SOC 2, HITRUST, HIPAA, and/or optionally FedRAMP
Strong knowledge of information security risk management frameworks, such as NIST RMF, and compliance practices.
Demonstrated proficiency in administering intricate security controls and configurations for applications.
Well-versed in public cloud security and compliance best practices, particularly in supporting compliance for applications hosted on cloud platforms.
Expertise in AWS security controls and compliance resources.
Some familiarity with Governance Risk and Compliance tools and suites (e.g. Navex, LogicGate).
Preferred Competencies
Strong crisis management and leadership ability.
Work collaboratively with cross-functional teams, especially in an engineering and product environment, and build consensus across teams.
Enjoys solving complex and hard problems and can turn incomplete, conflicting, or ambiguous inputs into actionable plans.
Excellent verbal and written communication skills.
Strong analytical and problem solving skills.
Excellent organizational skills and constant attention to detail.
Work independently, and balance competing priorities.
Weigh business needs against security concerns.
Working Conditions
Occasional evening or weekend hours.
Option available for hybrid work with occasional required attendance at in-person meetings.
Application Documents
Resume/CV (required)
When applying, the document(s)
MUST be uploaded via the
My Experience
page, in the section titled
Application Documents
of the application.
Job Family
Information Technology
Role Impact
Individual Contributor
FLSA Status
Exempt
Pay Frequency
Monthly
Scheduled
Weekly Hours
37.5
Benefits Eligible
Yes
Drug Test Required
No
Health Screen Required
No
Motor Vehicle Record Inquiry Required
No
Posting Statement
The University of Chicago is an Affirmative Action/Equal Opportunity/Disabled/Veterans
and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender, gender identity, national or ethnic origin, age, status as an individual with a disability, military or veteran status, genetic information, or other protected classes under the law.
Staff Job seekers in need of a reasonable accommodation to complete the application process should call or submit a request via Applicant Inquiry Form.
We seek a diverse pool of applicants who wish to join an academic community that places the highest value on rigorous inquiry and encourages a diversity of perspectives, experiences, groups of individuals, and ideas to inform and stimulate intellectual challenge, engagement, and exchange.
All offers of employment are contingent upon a background check that includes a review of conviction history. A conviction does not automatically preclude University employment.Rather, the University considers conviction information on a case-by-case basis and assesses the nature of the offense, the circumstances surrounding it, the proximity in time of the conviction, and its relevance to the position.
The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information.
The Report can be accessed online .Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E.
61st Street, Chicago, ILExplore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.