LexisNexis Risk Solutions
Governance and Compliance Analyst
LexisNexis Risk Solutions, Atlanta, Georgia, United States, 30383
Technology Governance and Compliance Analyst
Are you looking to utilize your compliance and governance expertise as a critical member of our GRC team?
About the role: We are seeking an experienced Governance, Risk, and Compliance (GRC) Analyst to lead the development and implementation of our cybersecurity governance program and maintain compliance with our information security standards and frameworks. The successful candidate will have a deep understanding of cybersecurity frameworks, risk management, and compliance standards, and will work collaboratively with cross-functional teams to ensure alignment with business objectives and regulatory requirements.
About the team: This diverse team ensures that the GRC policy landscape is adhered to and that all necessary protections are in place.
Key Responsibilities
Design, implement, and maintain a comprehensive cybersecurity governance framework aligned with industry best practices (ISO 27001, NIST, COBIT).
Create, review, and update cybersecurity policies and procedures to ensure compliance with applicable laws and regulations.
Monitor compliance with internal policies and external regulations, preparing for audits and assessments.
Establish the enterprise-level security governance structure, charters, and participant roles, and perform periodic role reviews to ensure appropriate accountability.
Collaborate with IT, legal, and business units to integrate cybersecurity governance initiatives into overall business processes.
Drive security-related certification efforts (ISO 27001, ISO 27701, ISO 27017, ISO 27018, ISO 42001, FedRAMP, StateRAMP, TX-RAMP, HIPAA, PCI, etc.) and report the highest-risk initiatives to senior GRC leadership.
Generate regular reporting including KPIs, metrics, SLAs, executive reporting, and ad‑hoc reports as required. Resolve cybersecurity GRC issues and serve as a trusted advisor to the enterprise.
Partner with technology stakeholders across the enterprise to address security issues and maintain alignment on common goals.
Requirements
Experience designing, implementing, and maintaining cybersecurity governance frameworks aligned with industry best practices (ISO 27001, NIST, COBIT).
Experience creating, reviewing, and updating cybersecurity policies and procedures to comply with laws and regulations.
Experience implementing frameworks such as ISO 27001, ISO 27701, ISO 27017, ISO 27018, ISO 42001, FedRAMP, StateRAMP, TX-RAMP, HIPAA, PCI, etc.
Experience managing an enterprise cybersecurity GRC program and defining controls for regulatory and industry-specific compliance.
Ability to develop and implement security programs.
Advanced problem‑solving skills with prior success in troubleshooting complex project issues and translating findings into actionable solutions.
Excellent communication and stakeholder management skills, capable of presenting to senior executives and cross-functional teams.
Strong interpersonal skills and a customer‑service orientation.
Helpful Licensing/Certifications
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Benefits
Health Benefits: Comprehensive, multi‑carrier program for medical, dental and vision benefits
Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and time‑off programs
Short‑ and Long‑Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity coverage
Family benefits, including bonding and family care leave, adoption and surrogacy benefits
Health Savings, Health Care, Dependent Care and Commuter Spending Accounts
Paid time off and additional days for volunteer and employee resource group participation
Compensation
U.S. National Base Pay Range: $70,200 - $117,100. Geographic differentials may apply in some locations to better reflect local market rates.
This job is eligible for an annual incentive bonus.
Additional Information
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or contacting 1‑855‑833‑5120.
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams.
Please read our Candidate Privacy Policy.
Equal Opportunity Statement
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. EEO Know Your Rights.