Senior Information Security Compliance Analyst

Department: Information Technology

Location: Chicago, IL

Travel Requirements: N/A

Job ID: 302

LIFE AT NFA
NFA is committed to creating an exceptional work environment. Learn from staff how NFA fosters a culture of diversity, ongoing learning and development, and work-life balance.

 

Description: The Senior Information Security Compliance Analyst (SISCA) will be responsible for monitoring, managing and closing existing compliance issues while also ensuring that internal systems are compliant with security standards. In carrying out these functions, the SISCA's responsibilities include the identification, evaluation and interpretation of regulatory, statutory and member security requirements, control deficiencies and information security risks.

Duties/Responsibilities:

  • Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures and standards in order to validate maintenance of secure configurations.
  • Map NFA requirements and regulatory requirements across the information security framework to identify overlapping requirements and compliance efficiencies.
  • Track enterprise compliance across multiple security frameworks including SOC 2, NIST and FISMA and maintain up-to-date records of requirements and corresponding mitigating controls.
  • Monitor third-party risk assessments and assist in performing internal risk assessments.
  • Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
  • Monitor NFA's change management process to ensure compliance.
  • Develop key performance metrics to track and ensure compliance with established policies and standards.
  • Support development of security processes and procedures and support service-level agreements to ensure that security controls are managed and maintained.
  • Participate in the development of security and privacy awareness training in conjunction with other members of the Security Compliance group.

Requirements:

  • Bachelor's degree in business, with IT audit or compliance experience, or computer science, with business and IT audit or compliance experience desired
  • Knowledge and understanding of FISMA, NIST and SOC-2 information security standards
  • Working knowledge of common IT security-related regulations and/or standards such as Sarbanes-Oxley and ISO highly desired
  • Minimum five years' experience conducting security control assessments or audits
  • Minimum two years' experience developing or managing a security awareness program
  • SOC-2 audit experience from a major professional services firm highly desired
  • At least one industry certification (e.g. CISA, CISM, CRISC, CISSP, ISSAP) highly desired
  • Strong oral and written communication skills
  • Ability to maintain security documentation and manuals
  • Must have strong analytical and critical-thinking skills
  • High level of attention to detail; must be a self-starter with the ability to work independently, multitask and adjust to shifting priorities

MAKE OUR MISSION YOUR CAREER
NFA is the industrywide, self-regulatory organization for the U.S. derivatives industry. NFA strives every day to safeguard the integrity of the derivatives markets, protect investors and ensure Members meet their regulatory responsibilities.

Benefits

NFA offers a generous and flexible benefits package that allows employees to balance work and life.


Our Culture

By actively engaging in the development of our employees, NFA has further enhanced our culture and advancement of our employees, which drives our success.


Our People

Meet NFA's employees and learn about their career progression.


NFA Cares

NFA believes in caring for the health and wellness of our employees and bettering our communities to promote the pursuit of excellence in our employees' work.


Chicago's 101 Best and Brightest Companies to Work For

Top 100 Workplaces

Crain's Best Places to Work in NYC

Best Places to Work in Illinois

100 Best Adoption-Friendly Workplaces

National Best and Brightest Companies to Work For
