RELX Group InfoSec Compliance Analyst in Horsham, Pennsylvania
InfoSec Compliance Analyst
Location: Horsham, Pennsylvania, United States
The IT/Information Security (InfoSec) Compliance Analyst is a key member of the InfoSec Compliance team responsible for coordination of audits, control definitions, procedure creation and/or enhancement. This position assists other members of the InfoSec Compliance Team with designing, developing and implementing information security policies and documentation, assessing compliance with existing policies, and overall compliance with security related requirements from customers. Supports and assists with coordination and implementation of the company's information security policies and procedures. In addition, the incumbent may be required to assist with performing security assessments and assisting in maintaining the security posture of systems throughout the systems' life cycle. The position will also be responsible for assisting in developing policies and procedures to support the company's Federal Information Security Management Act (FISMA) Security Accreditation, ISO 2700:2013 (ISO 27K), SOX and other regulatory and compliance initiatives. Success in this role requires a good understanding of information security best practices, strong security knowledge, ability to understand and communicate risk and controls, organization, planning, good communication and writing skills.
· Assists in ensuring that laws, rules and regulations that may affect the business are identified, understood, assessed and appropriately communicated.
· Execute IT Security controls, evidence gathering and approvals
· Provide on-going evaluations and validation of IT control effectiveness
· Evaluate internal business processes as they relate to compliance activities within areas of responsibility, analyze operating procedures for regulatory requirements, and recommend solutions for identified weaknesses.
· Identify opportunities to improve compliance operations and recommend and assist in changes to best practices
· Participate in the development and ongoing maintenance of various compliance program initiatives, especially with driving consistency in the way information is managed and communicated.
· Assists with the analysis and interpretation of regulatory compliance requirements.
· Assists with gap analysis of current policies, procedures and practices as they relate to established guidelines outlined by NIST, OMB, FISMA, and other regulatory standards.
· Assists in development and maintenance of policies and procedures.
· Researches regulations by reviewing regulatory bulletins and other sources of information. 11. Keeps other departments abreast of requirements by researching regulatory information; writing and communicating guidelines.
· Maintains quality service by establishing and enforcing organization standards.
· Maintains professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.
· Ability to work independently, adjust priorities, and work in a continuously changing environment.
· Performs other job related duties as required |
· Bachelor's degree in Computer Science, Information Technology related field or equivalent experience.
· Certification in IT, Security, Audit or related a plus; Sec+, CISA, etc.
· Prefer 2+ years? experience in IT, Audit, compliance or controls assessments
· Experience in NIST, FISMA, ISO 27K, SOX, or other compliance environment(s)
· Excellent written and oral communication skills.
· Familiarity with technical computing environments.
Reed Techis aprovider of best-in-class information-based solutions and services to meet the broad needs of the global IP market as well as key regulatory needs of the Life Sciences industry. Our customers include the U.S. Patent and Trademark Office, IP driven companies, law firms, and a wide range of pharmaceutical and medical device manufacturers. The corporate culture is driven by a commitment to excellence, innovation and a strong dedication to its customers, employees and community. Reed Tech is a LexisNexis company. LexisNexis Legal & Professionalis a leading global provider of content and technology solutions that enable professionals in legal, corporate, tax, government, academic and non-profit organizations to make informed decisions and achieve better business outcomes. Part of Reed Elsevier, LexisNexis Legal & Professional serves customers in more than 100 countries with 10,000 employees worldwide.
LexisNexis, a division of Reed Elsevier, is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact HR-Careers@lexisnexis.com