Lexis Nexis
About the role
We are seeking an experienced Governance, Risk, and Compliance (GRC) Analyst to lead the development and implementation of our cybersecurity governance program and maintain compliance with our information security standards and frameworks. The successful candidate will have a deep understanding of cybersecurity frameworks, risk management, and compliance standards, and will work collaboratively with cross‑functional teams to ensure alignment with business objectives and regulatory requirements.
About the team
This diverse team ensures that the GRC policy landscape is adhered to and that all necessary protections are in place.
Key Responsibilities
Design, implement, and maintain a comprehensive cybersecurity governance framework that aligns with industry best practices (e.g., ISO 27001, NIST, COBIT).
Create, review, and update cybersecurity policies and procedures to ensure compliance with applicable laws and regulations.
Monitor compliance with internal policies and external regulations and prepare for audits and assessments.
Establish an enterprise‑level security governance structure, charters, participants, and roles, and perform periodic role reviews to ensure appropriate accountability.
Work closely with IT, legal, and business units to integrate cybersecurity governance initiatives into overall business processes.
Drive security‑related certification efforts such as ISO 27001, ISO 27701, ISO 27017, ISO 27018, ISO 42001, FedRAMP, StateRAMP, TX-RAMP, HIPAA, PCI, etc.
Communicate high‑risk initiatives to the Director of GRC, VP GRC, and other stakeholders.
Generate regular KPI, metric, SLA, executive, and ad‑hoc reports as required.
Resolve cybersecurity GRC issues.
Serve as a trusted advisor to business and technology stakeholders across the enterprise, partnering on security issues and maintaining alignment on common goals.
Requirements
Experience designing, implementing, and maintaining a comprehensive cybersecurity governance framework that aligns with industry best practices.
Experience creating, reviewing, and updating cybersecurity policies and procedures to ensure compliance with applicable laws and regulations.
Experience implementing cybersecurity and compliance frameworks such as ISO 27001, ISO 27701, ISO 27017, ISO 27018, ISO 42001, FedRAMP, StateRAMP, TX-RAMP, HIPAA, PCI, etc.
Experience managing an enterprise cybersecurity GRC program and defining controls, particularly for regulatory, legislative, and industry‑specific compliance requirements.
Ability to develop and implement security programs.
Advanced problem‑solving experience leading teams to identify, research, and coordinate resources for troubleshooting complex project issues; translating findings into solutions and identifying risks, impacts, and schedule adjustments to facilitate decision‑making.
Advanced verbal and written communication and customer‑service skills; strong interpersonal, communication, and presentation skills applicable to senior and executive management, customers, and various departments.
Excellent stakeholder‑management skills; ability to cultivate and maintain solid relationships with key stakeholders across organizational teams and third‑party suppliers.
Helpful Licensing/Certifications
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Work in a way that works for you
We promote a healthy work/life balance across the organization. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance, and sabbaticals, we will help you meet your immediate responsibilities and your long‑term goals.
Working flexible hours – flex when you work to fit everything in and work when you are most productive.
Working for you
Health Benefits: Comprehensive, multi‑carrier program for medical, dental, and vision benefits.
Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan.
Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time‑off Programs.
Short‑ and Long‑Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity.
Family Benefits: bonding and family care leaves, adoption and surrogacy benefits.
Health Savings, Health Care, Dependent Care, and Commuter Spending Accounts.
Up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice.
U.S. National Base Pay Range: $70,200 - $117,100. Geographic differentials may apply in some locations to better reflect local market rates. This job is eligible for an annual incentive bonus.
About the Business
A global leader in information and analytics, we help researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. Building on our publishing heritage, we combine quality information and vast data sets with analytics to support visionary science and research, health education and interactive learning, as well as exceptional healthcare and clinical practice. At Elsevier, your work contributes to the world’s grand challenges and a more sustainable future. We harness innovative technologies to support science and healthcare to partner for a better world.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1‑855‑833‑5120.
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here.
Please read our Candidate Privacy Policy.
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers: EEO Know Your Rights.