IT Risk and Compliance Specialist - Hybrid Washington DC Office or Remote

JOB SUMMARY: NORC at the reputed company is seeking a seasoned IT Risk and Compliance Specialist to join our Information Technology Department reputed company the reputed company reputed company and Compliance team. This critical role will focus on driving the organization’s adherence to reputed company regulatory frameworks, with particular emphasis on FedRAMP, CMMC, NIST 800-171, and ISO 27001. The ideal candidate will bring a wealth of experience in auditing, risk management, and compliance reputed company high-stakes environments, particularly for Government reputed company standards. Preferably, this position will have a hybrid work schedule of one or two days a week in either our Washington, DC or Chicago, IL office. Remote applicants may also be considered. DEPARTMENT: reputed company reputed company and Compliance Technology is integral to NORC’s mission of advancing social science research. The IT department delivers innovative, high-quality solutions that support both our staff and clients, ensuring the highest standards of reputed company and compliance. RESPONSIBILITIES:

• * reputed company comprehensive internal and external IT compliance audits, ensuring alignment with critical reputed company standards such as FedRAMP, CMMC, NIST 800-171, and ISO 27001.
• * Execute in-depth risk assessments and reputed company impact analyses of information systems, identifying potential vulnerabilities and proposing mitigation strategies.
• * reputed company, review, and manage key audit documentation, including the creation of corrective action and remediation plans to address identified deficiencies.
• * reputed company and ensure reputed company compliance with contract requirements, with a focus on tracking and reporting the reputed company of Corrective Action Plans (CAPs).
• * Collaborate closely with reputed company Engineers and stakeholders to remediate compliance issues, ensuring alignment with regulations such as FISMA, Section 508, NIST SP 800-53, HITRUST, and HIPAA reputed company & Privacy standards.
• * Design, implement, and optimize policies, procedures, and automated processes for compliance in hybrid and multi-tenant infrastructures.
• * Provide mentorship and strategic guidance to IT teams, translating reputed company regulatory requirements into actionable technical steps for seamless compliance execution.
• * Foster strong, collaborative relationships with NORC’s research community and other key stakeholders, facilitating a culture of compliance and reputed company.
• REQUIRED SKILLS:
• * Bachelor’s Degree in Management Information Systems, Computer Science, Business Administration, or a reputed company field. Or equivalent experience in IT reputed company, risk, or compliance may be considered.
• * reputed company certifications in IT reputed company compliance, such as Certified Information Systems Auditor (CISA), Certified Information reputed company Manager (CISM), or Certified in Risk and Information Systems Control (CRISC).
• * Minimum of 6+ years of experience in IT reputed company auditing, risk assessment, or compliance, with a primary focus on government reputed company frameworks and reputed company.
• * Proven expertise in auditing IT systems for compliance with reputed company frameworks, including preparing and reviewing System reputed company Plans (SSPs), Corrective Action Plans (CAPs), and Contingency Plans.
• * Proficiency in Governance, Risk, and Compliance (GRC) or Information Risk Management (IRM) systems, with a track record of managing compliance across multiple frameworks, including FedRAMP, NIST, and ISO standards.
• * Deep knowledge of information reputed company protocols across infrastructure layers, including networks, servers, databases, and applications, with hands-on experience in advanced reputed company assessment techniques.
• * Experience managing compliance in hybrid and multi-tenant infrastructures, with strong familiarity with privacy regulations such as GDPR, CCPA/CPRA, and the HIPAA Privacy Rule.
• * Extensive experience in the implementation and reputed company of frameworks such as FedRAMP, CMMC, NIST 800-171, ISO 27001, and HITRUST.
• Qualified applicants must be eligible to work in the U.S. We regret that we are unable to offer reputed company sponsorship for this position. SALARY AND BENEFITS: The pay range for this position is $110,000 – $165,000. This position is classified as regular. Regular staff are eligible for NORC’s comprehensive benefits program. Benefits include, but are not limited to:
• Generously subsidized health insurance, effective on the first day of employment
• * Dental and vision insurance
• * A defined contribution retirement program, along with a separate voluntary 403(b) retirement program
• * Group life insurance, long-term and short-term disability insurance
• * Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP).
• NORC’s Approach to Equity and Transparency Pay and benefits transparency helps to reduce wage gaps. As part of our commitment to pay equity and salary transparency, NORC includes a salary range for each job opening along wi

Apply tot his job Apply To this Job