Information Security Compliance Analyst II

Department: Information Technology

Location: Chicago, IL

Travel Requirements: N/A

Job ID: 464

NFA's culture supports all our employees to perform at the highest level, no matter the circumstances, and values an inclusive culture where all staff can thrive.


When you join NFA as an Information Security Compliance Analyst II, you'll join a high-performing team of dedicated governance, risk and compliance (GRC) professionals responsible for monitoring, managing and closing existing compliance issues while also ensuring that internal systems are compliant with security standards. This responsibility includes developing key performance metrics to ensure compliance with established policies and standards.

Bring your innovative, analytical mindset. Bring your technical know-how and attention to detail. Bring a healthy skepticism and passion for information security.

Beginning your first day and throughout your career, you'll utilize your critical thinking, decision-making and risk assessment skills to support our important regulatory mission.

What you'll do:

As an Information Security Compliance Analyst II, you'll contribute to NFA's important regulatory mission by:

  • Conducting walkthroughs and IT audits to assess the adequacy of controls for adherence to established policies, procedures, business practices, and compliance with SOC 2 and NIST.
  • Obtaining and reviewing evidence, ensuring audit conclusions are well documented and based on a complete understanding of the processes and risks.
  • Tracking enterprise compliance risks across multiple security frameworks including SOC 2 and NIST, and ensuring risks are being remediated in accordance with NFA's policy.
  • Identifying and analyzing third party vendor management risks to ensure vendors are meeting compliance requirements and industry standards.
  • Continuously monitoring and evaluating the organization’s security controls to ensure compliance with industry standards, regulations and internal policies.
  • Conducting policy compliance checks against infrastructure servers and ensuring server hardening guides and policies are aligned to the CIS control framework.
  • Collaborating on critical IT projects to ensure security policy/risk issues are addressed throughout the project life cycle.
  • Updating policy, process and procedure documents to enable an effective security compliance management program.
  • Monitoring NFA's Change Management process to ensure compliance.
  • Conducting risk assessments to identify security risks and recommending mitigation strategies.
  • Collaborating with cross-functional teams, including Information Systems, General Counsel and Futures and OTC Derivatives Compliance, to ensure a cohesive and comprehensive approach to security.
  • Preparing and delivering regular reports on compliance status and security metrics to management and relevant stakeholders.

What we’re looking for:

Diligent, detail-oriented individuals thrive in this analytical role. If you're eager to apply your technical abilities to serve a public good—supporting the integrity of the derivatives markets—and meet the qualifications below, we encourage you to apply to join our team as an Information Security Compliance Analyst II.

  • Bachelor's degree in Computer Science, Information Security, or a technology-oriented major required
  • At least three years of experience in security compliance or a related role
  • Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) and/or Certified Information Systems Security Professional (CISSP) certification highly preferred
  • Strong knowledge of industry standards and regulations (e.g., SOC 2, NIST, ISO 27001)
  • Basic knowledge of GRC tools
  • Basic familiarity with technology risks and controls, governance, risk and compliance tools
  • Strong analytical and problem-solving skills
  • Excellent oral and written communication skills



We understand how important culture is to an organization, and we pursue a culture of excellence where every NFA employee, regardless of circumstances, can succeed. Our workforce respects and celebrates each employee's diversity, unique values and abilities, all of which mold our creative approach to regulation. Most importantly, we believe that our diverse, inclusive workforce makes NFA a friendly, supportive and enjoyable place to work.


NFA is purpose-driven. We safeguard the integrity of the derivatives markets, protect investors and ensure that our Members meet their regulatory obligations. We take pride in our work; maintain a conviction to do the right thing; empower each other; and support our community. Envision your career in a place where performing critical regulatory work within the financial industry is as significant as the diverse, passionate and talented individuals with whom you work.

Together, we will innovate regulation.



Read about NFA's generous and flexible benefits package that allows employees to balance work and life.
