CNA Apprenticeship Program: Risk Management and Compliance

, , , , , , ,
  • Apprenticeship
  • Part Time
  • Hybrid
  • TBD USD / Year
  • Applications have closed
  • CNA profile
  • Salary: TBD
  • Authorization to work in the US required.

Website https://twitter.com/CNA_Insurance CNA

Download Flyer

Closing date: March 31st, 2026

CNA Insurance – Global Technology Risk and Compliance (GTRAC)

Job Title: Risk Management and Compliance

Hours per week: 20 hrs/week

Pay: $24/hr

Starts on: Fall 2026

Duration: 1 year

Location: Hybrid, most days in-person at 151 N Franklin

Education requirements:

  • Completed COMPSFI 102 and COMPSFI 202
  • Working toward a Cybersecurity AAS degree at City Colleges of Chicago
  • The ideal candidate graduates in May 2027

Company Description:

CNA is one of the largest U.S. commercial property and casualty insurance companies, delivering over 120 years of industry expertise. We provide a broad range of specialized insurance solutions for businesses and professionals across the U.S., Canada, and Europe. Our strength comes from our people—and we’re committed to developing future talent through apprenticeship opportunities designed to launch meaningful careers. 

About the Apprenticeship: 

The Risk Management & Compliance Apprentice will join CNA’s Global Technology Risk & Compliance (GTRAC) organization—an enterprise team responsible for IT governance, compliance, cyber risk oversight, and assurance activities. 

This apprenticeship is designed for students pursuing cybersecurity and risk-focused academic paths who want real-world experience in policy governance, compliance frameworks, and technology risk management. 

You will work alongside experienced risk and compliance professionals and gain practical exposure to: 

  • Regulatory compliance requirements (SOC, SOX) 
  • Industry security frameworks (NIST CSF, NIST 800-53, CIS Controls) 
  • Technology control assessments and monitoring 
  • Policy, standards, and procedure reviews and updates 
  • Governance and risk reporting processes 
  • Control testing readiness and evidence collection 

By the end of the program, apprentices will have a strong foundation in IT governance, risk, controls, and compliance—skills highly valued in cybersecurity, audit, and risk careers. 

Key Responsibilities 

As a GTRAC Apprentice, you will: 

Policy & Standards Governance 

  • Support review, maintenance, and updates of CNA’s technology policies, standards, and procedures. 
  • Assist in aligning documentation with NIST CSF, NIST 800-53, SOC, SOX, and internal control requirements. 
  • Help track document revisions, ownership, approval cycles, and governance workflows. 

Risk & Compliance Activities 

  • Assist in IT risk assessments and control evaluations. 
  • Participate in compliance readiness activities for SOC and SOX. 
  • Help analyze control gaps, risks, and remediation tracking. 
  • Contribute to compliance documentation, evidence gathering, and reporting. 

Governance, Reporting & Operations 

  • Develop reports and summaries for leadership, including risk dashboards and compliance status updates. 
  • Support GTRAC governance meetings, audit preparation activities, and communication initiatives. 
  • Collaborate with cybersecurity, IT operations, and audit partners across the organization. 

Education & Eligibility Requirements 

To qualify, candidates must: 

  • Be actively working toward any AAS/AES degree related to Cybersecurity, Information Systems, IT Audit in acquiring knowledge towards IT Risk and Controls at City Colleges of Chicago.  
  • Have completed relevant 102 and 202 levels. 
  • Have at least one academic year remaining (anticipated graduation May 2027). 
  • Maintain passing grades (C or higher) in all coursework. 
  • Be able to work hybrid from CNA’s Chicago office (151 N Franklin; Tuesdays typically required onsite). 

Preferred Skills & Knowledge 

  • Understanding of cybersecurity, IT governance, and foundational risk management concepts. 
  • Familiarity with compliance frameworks (SOC, SOX) and control frameworks (NIST CSF, NIST 80053). 
  • Strong communication skills, written and verbal. 
  • Ability to research, analyze, and summarize technical or compliance-related information. 
  • Proficiency in Microsoft Office (Word, Excel, PowerPoint). 
  • Curiosity, attention to detail, and willingness to learn. 

Program Benefits 

  • Hands-on experience working within an enterprise technology risk and compliance team. 
  • Exposure to industry-leading frameworks, governance models, and regulatory programs. 
  • Mentorship and professional development opportunities. 
  • Competitive pay and eligibility for CNA employee benefits (including health benefits, paid time off, and paid sick leave). 
  • Opportunity to be considered for full-time roles upon successful completion. 

We also suggest that you contact the Career Development Department at your campus for assistance with your résumé, cover letter, or interviewing workshops:

Contact through Navigate

  • Daley College – Lisset Diaz – on Navigate
  • Harold Washington College – Jasmin Dobson OR Ashley Smith – on Navigate
  • Kennedy-King College – Ingrid Prioleau Byrd – on Navigate
  • Malcolm X College – Darwin Pettis  –  MXC-Careers@ccc.edu
  • Olive-Harvey College –  Charlene Haymond-Bussell  –  chaymond-bussell@ccc.edu
  • Truman College –  Meredith Gallo-Murphy – mgallo-murphy@ccc.edu
  • Wilbur Wright College – Joe Reaves – jreaves@ccc.edu

After you Apply:  After completing the application link, your resume and cover letter will be screened by CCC to determine IF you meet the requirements for the position.

Tagged as: #Chicago, #CNA, #COMPSFI, #insurance, #Technology, cyber, Cybersecurity, securityoperations

/by