Senior Information Security Compliance Analyst

Department: Information Technology

Location: Chicago, IL

Travel Requirements: N/A

Job ID: 341

NFA is committed to creating an exceptional work environment. Learn from staff how NFA fosters a culture of diversity, ongoing learning and development, and work-life balance.


When you join NFA as a Senior Information Security Compliance Analyst (SISCA), you'll join a high-performing team of dedicated governance, risk and compliance (GRC) professionals to monitor, manage and close existing compliance issues while also ensuring that internal systems are compliant with security standards.

Bring your innovative, analytical mindset. Bring your technical know-how and attention to detail. Bring a healthy skepticism and passion for information security.

Beginning your first day and throughout your career, you'll utilize your critical thinking, decision-making and risk assessment skills to support our important regulatory mission.

What you'll do:

As a Senior Information Security Compliance Analyst, you'll contribute to NFA's important regulatory mission by:

  • Participating in and leading all aspects of the IT audit function, including planning, audit program development, control analysis, testing, issue development and reporting.
  • Engaging with cross-functional stakeholders to define security, privacy and compliance requirements.
  • Identifying relevant IT risks and properly documenting the audit/assessment process, gaps and remediation steps.
  • Tracking enterprise compliance across multiple security frameworks including SOC 2, NIST, FISMA and CIS-20.
  • Maintaining up-to-date records of requirements and corresponding mitigating controls.
  • Developing key performance metrics to track and ensure compliance with established policies and standards.
  • Cooperating with external auditors and internal controls owners to support various internal and external audits/assessments such as SOC 2, NIST, FISMA and CIS-20.
  • Supporting NFA's third-party vendor management program.
  • Reviewing in-house and third-party applications and code to discover security vulnerabilities and best practices.
  • Tracking progress on remediation of identified risks and vulnerabilities and reporting progress to all constituents.
  • Identifying ways to automate control review and reduce manual work where possible to enable increased proactive assessment scope.

What we’re looking for:

Diligent, detail-oriented individuals thrive in this analytical role. If you're eager to apply your technical abilities to serve a public good—supporting the integrity of the derivatives markets—and meet the qualifications below, we encourage you to apply to join our team as a Senior Information Security Compliance Analyst.

  • Bachelor's degree in information technology, computer science, information security or related field
  • At least five years of experience conducting IT security audits and assessments and/or compliance experience
  • Understanding of audit techniques, internal controls and compliance principles
  • Working knowledge of SOC 2, NIST, CIS-20 and FISMA information security standards
  • Knowledge of common information systems such as Active Directory, networking, endpoint management, application development principles, cloud security and SQL
  • Working knowledge of common GRC and vendor risk management platforms
  • SOC 2 audit experience from a major professional services firm highly preferred
  • At least one industry certification (e.g. CISA, CISM, CRISC, CISSP, ISAAP) highly preferred
  • Strong project management and project coordination background
  • Strong collaboration and communication skills (written and verbal)
  • Strong analytical and critical thinking skills
  • Excellent attention to detail
  • Self-starter attitude with the ability to work independently, multi-task and adjust to shifting priorities

Why choose NFA?

We understand how important culture is to an organization, and we pursue a culture of excellence where every NFA employee, regardless of circumstances, can succeed. Our workforce respects and celebrates each employee's diversity, unique values and abilities, all of which mold our creative approach to regulation. Most importantly, we believe that our diverse, inclusive workforce makes NFA a friendly, supportive and enjoyable place to work.


NFA is the industrywide, self-regulatory organization for the U.S. derivatives industry. NFA strives every day to safeguard the integrity of the derivatives markets, protect investors and ensure Members meet their regulatory responsibilities.


Read about NFA's generous and flexible benefits package that allows employees to balance work and life.

Our Culture

Learn about how NFA's culture drives our success.

Our People

Meet NFA employees and learn about their careers.

NFA Cares

Learn about how NFA cares for the health and wellness of our employees and communities to promote the pursuit of excellence in our employees' work.

100 Best Adoption-Friendly Workplaces

National Best and Brightest Companies to Work For

Chicago's 101 Best and Brightest Companies to Work For

Best Places to Work in Illinois

Top 100 Workplaces

Crain's Best Places to Work in NYC