Nuix
Cyber GRC Analyst
Nuix, Herndon, Virginia, United States, 22070
Department:
Technology
Employment Type:
Permanent - Full Time
Location:
Herndon (USA)
Description
Nuix creates innovative software that empowers organisations to simply and quickly find the truth from any data in a digital world. We are a passionate and talented team, delighting our customers with software that transforms data into actionable intelligence across the globe.
We provide innovative solutions across eDiscovery, information governance, forensic and electronic investigations for more than 2,000 customers in over 75 countries. Our customers include top financial institutions, corporations and government departments, all tier-one advisory firms, and litigation support vendors.
What you will be doing:
We are actively seeking a highly skilled and experienced Cyber GRC (Governance, Risk, and Compliance) Analyst to join our dynamic team. The Cyber GRC Analyst will take full ownership of our cybersecurity governance, risk management, and compliance initiatives globally. This role requires an in-depth understanding of cybersecurity principles, regulatory requirements, and industry best practices to ensure that our assets are well secured and the integrity of our operations is maintained at all times.
This position will be based in our Herndon office. The candidate is required to attend the office a minimum of 2 days per week but may voluntarily elect to work either remotely or from the Herndon office for the remaining days of the week.
Key Responsibilities
Develop and implement cyber governance, risk, and compliance frameworks tailored to the unique needs of our software products and services.
Conduct comprehensive risk assessments to identify potential threats, vulnerabilities, and gaps in our security posture.
Collaborate with internal stakeholders to establish and enforce security policies, standards, and procedures.
Lead compliance efforts to ensure adherence to industry regulations, standards, and best practices (e.g., ISO 27001, FedRAMP, NIST, IRAP, E8, PCI-DSS, and CPS-234).
Manage third-party risk assessments and vendor security evaluations to mitigate supply chain vulnerabilities.
Oversee the execution of security awareness training programs to foster a culture of cybersecurity awareness among employees.
Coordinate and support internal and external audits, responding to findings and implementing corrective actions as necessary.
Stay abreast of emerging cyber threats, regulatory developments, and industry trends to proactively address potential risks.
Provide regular reports and updates to senior management on the effectiveness of cyber GRC initiatives and the overall security posture.
Foster a culture of continuous improvement by identifying opportunities to enhance processes, technologies, and controls.
Skills, Knowledge and Expertise
Bachelor's degree in Computer Science, Information Security, or a related field with at least one professional certification, such as CISA, CISM, CRISC, or CISSP.
Minimum of 5 years of experience in cybersecurity, risk management, or compliance roles, with at least 2 years specifically in leading people.
Strong understanding of cybersecurity principles, frameworks (e.g., ISO 27001, FedRAMP, NIST, IRAP, E8, PCI-DSS, and CPS-234), and regulatory requirements.
Experience with contemporary software development lifecycle (SDLC) security practices, DevOps, DevSecOps and cloud security principles.
Experience with GRC platforms and tools is advantageous.
Excellent communication skills with the ability to articulate complex technical concepts to non-technical stakeholders.
Proven leadership abilities with a track record of successfully managing cross-functional teams and driving initiatives to completion.
Analytical mindset with the ability to assess risks, prioritise tasks, and make data-driven decisions.
Strong project management skills with the ability to multitask and meet deadlines in a fast-paced environment.
https://www.nuix.com/
As we expand our global team and extend our skills and expertise, we are unified as one Nuix team guided by our shared values.
Nuix Vision
Finding Truth in a Digital World.
Nuix Mission Statement
Nuix creates innovative software that empowers organizations to simply and quickly find the truth from any data in a digital world. We are a passionate and talented team, delighting our customers with software that transforms data into actionable intelligence.
Nuix Values
TAKE OWNERSHIP_ AND FOLLOW UP
RESILIENT_ WE LEARN FROM THE PAST AND ARE OPTIMISTIC ABOUT TOMORROW
UNAFRAID_ TO DO THE RIGHT THING, QUICKLY
TEAM NUIX_ FIRST AND FOREMOST
HERO OUR CUSTOMERS_ AND INNOVATE FOR THEM
We believe in these principles and seek to weave them into the fabric of our daily work at Nuix. In doing so, we co-create a dynamic and purposeful company culture that we can be proud of and want to belong to.