VetJobs - The Leading Military Job Board

About our Team : Our Information Security and Data Protection team acts as the center of gravity for the cybersecurity practice at Elsevier. We safeguard the confidentiality, integrity, and availability of the Company’s information resources, Consumer Data, and Technology infrastructure. We carry business accountability and engage with business stakeholders to enable them to manage their risk.

About the Role : This is a principal role reporting to the Director of Cybersecurity GRC that requires an individual with a deep ability to work with and coordinate projects across the Elsevier Technology Information Security and Data Protection organization, as well as Technology product owners and their customers. This role will primarily be focused on maturing the governance & compliance functions of the GRC team. This position is responsible for monitoring cyber security compliance and regulatory considerations, leading the management of security-related certifications, and assisting with the establishment of a governance program based on standards and policies.

Key Responsibilities:

• Driving security-related certification efforts such as ISO 27001, ISO 42001, HIPAA, FedRamp, etc. Driving communication and upwards reporting of the highest risk initiatives to Director of GRC, VP GRC and other key stakeholders.

• Establishing a functional Cyber technology audit management process. Responsible for resolution of cybersecurity governance and compliance issues.

• Establishing a enterprise level security governance structure, charters, participants and roles, and perform periodic role reviews to ensure appropriate accountability is maintained.

• Acting as a trusted advisor to the business and technology stakeholders across the enterprise to partner on security issues and stay aligned on common goals.

• Maintaining communication with peers throughout the organization and security contacts including Business Units and subsidiary locations. Delivering solutions to help raise security awareness.

• Assisting with reviewing existing tools, applications, and processes to help strengthen and optimize current capabilities, as well as identifying any gaps or technical solutions to further enhance the team’s effectiveness.

  Requirements

• Experience implementing cybersecurity and compliance related frameworks such as ISO 27001, FedRamp, HIPAA, PCI, etc. Demonstrated business acumen.

• Experience managing an enterprise cybersecurity GRC program.

• Experience in defining cybersecurity controls, particularly related to regulatory, legislative, and industry specific compliance requirements.

• Possess an understanding of compliance and governance initiatives. Possess an extensive rong understanding of networking, web-based content delivery platforms and personal computing filesystem operation, architecture, patching and security.

• Have the ability to develop and implement security programs.

• Possess advanced skills in setting, communicating, implementing, and achieving business objectives and goals.

• Possess advanced problem-solving experience involving leading teams in identifying, researching, and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues; prior success extracting/translating findings into alternatives/solutions; and identifying risks/impacts and schedule adjustments to facilitate management decision-making.

Work in a way that works for you

We promote a healthy work/life balance across the organization. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

• Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive

Working for you

We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer: - Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits - Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan - Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs - Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity - Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits - Health Savings, Health Care, Dependent Care and Commuter Spending Accounts - Up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice

About the Business

A global leader in information and analytics, we help researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. Building on our publishing heritage, we combine quality information and vast data sets with analytics to support visionary science and research, health education and interactive learning, as well as exceptional healthcare and clinical practice. At Elsevier, your work contributes to the world’s grand challenges and a more sustainable future. We harness innovative technologies to support science and healthcare to partner for a better world.

Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: https://forms.office.com/r/eVgFxjLmAK , or please contact 1-855-833-5120.

Please read our Candidate Privacy Policy (https://www.relx.com/careers/join-us/privacy) .

RELX is a global provider of information and analytics for professional and business customers across industries.

We help scientists make new discoveries, lawyers win cases, doctors save lives and insurance companies offer customers lower prices. We save taxpayers and consumers money by preventing fraud and help executives forge commercial relationships with their clients.

In short, we enable our customers to make better decisions, get better results and be more productive.