Nuix creates innovative software that empowers organisations to quickly find the truth from any data in a digital world. We are a passionate and talented team, delighting our customers with software that transforms data into actionable intelligence.
We collaborate to provide innovative solutions for more than 2,000 customers in over 75 countries. Our customers include many of the world’s top financial institutions, corporations, government departments, major global regulatory agencies, leading security and law enforcement agencies, and tier-one advisory firms and litigation support vendors.
We offer a truly unique workplace with passionate people who believe in our vision and mission and exciting opportunities for those who seek them. Are you ready to be part of a global team that is changing how eDiscovery, information governance, and forensic and electronic investigations are conducted worldwide?
What you will be doing:
We are actively seeking a highly skilled and experienced Cyber GRC (Governance, Risk, and Compliance) Analyst to join our dynamic team. The Cyber GRC Analyst will support the cybersecurity governance, risk management, and compliance program globally. This role requires an in-depth understanding of cybersecurity principles, regulatory requirements, and industry best practices to ensure that our assets are well secured and the integrity of our operations is maintained at all times.
This position will be based in our Herndon office. The candidate is required to attend the office a minimum of 3 days per week but may voluntarily elect to work either remotely or from the Herndon office for the remaining days of the week.
Key Responsibilities
- Support the development and implementation of cyber governance, risk, and compliance frameworks tailored to the unique needs of our software products and services.
- Conduct comprehensive risk assessments to identify potential threats, vulnerabilities, and gaps in our security posture.
- Collaborate with internal stakeholders to establish and enforce security policies, standards, and procedures.
- Support and Lead compliance efforts to ensure adherence to industry regulations, standards, and best practices (e.g., ISO 27001, FedRAMP, NIST, IRAP, E8, PCI-DSS, and CPS-234).
- Manage third-party risk assessments and vendor security evaluations to mitigate supply chain vulnerabilities.
- Support the execution of security awareness training programs to foster a culture of cybersecurity awareness among employees.
- Coordinate and support internal and external audits, responding to findings and implementing corrective actions as necessary.
- Stay abreast of emerging cyber threats, regulatory developments, and industry trends to proactively address potential risks.
- Provide regular reports and updates to senior management on the effectiveness of cyber GRC controls and the overall security posture.
- Assist and foster a culture of continuous improvement by identifying opportunities to enhance processes, technologies, and controls.
Skills, Knowledge and Expertise
- Bachelor’s degree in computer science, Information Security, or a related field with at least one professional certification, such as CISA, CISM, CRISC, or CISSP.
- Minimum of 5 years of experience in cybersecurity, risk management, or compliance roles,.
- Strong understanding of cybersecurity principles, frameworks (e.g., ISO 27001, FedRAMP, NIST, IRAP, E8, PCI-DSS, and CPS-234), and regulatory requirements.
- Experience with contemporary software development lifecycle (SDLC) security practices, DevOps, DevSecOps and cloud security principles.
- Experience with Cloud, SaaS systems andGRC platforms is advantageous.
- Excellent communication and documentation skills with the ability to articulate complex technical concepts to non-technical stakeholders.
- Proven track record of successfully managing cross-functional teams and driving initiatives to completion.
- Analytical mindset with the ability to assess risks, prioritise tasks, and make data-driven decisions.
- Strong project management skills with the ability to multitask and meet deadlines in a fast-paced environment.
https://www.nuix.com/
As we expand our global team and extend our skills and expertise, we are unified as one Nuix team guided by our shared values.
Nuix Vision
Finding Truth in a Digital World.
Nuix Mission Statement
Nuix creates innovative software that empowers organizations to simply and quickly find the truth from any data in a digital world. We are a passionate and talented team, delighting our customers with software that transforms data into actionable intelligence.
Nuix Values
· TAKE OWNERSHIP
· RESILIENT
· UNAFRAID
· TEAM NUIX
· HERO OUR CUSTOMERS
We believe in these principles and seek to weave them into the fabric of our daily work at Nuix. In doing so, we co-create a dynamic and purposeful company culture that we can be proud of and want to belong to.
