Governance and Compliance Senior Analyst

Cybersecurity Governance and Compliance Senior Analyst About the Team

Elsevier’s Information Security and Data Protection (ISDP) team leads the Company’s cybersecurity practice, safeguarding information assets, consumer data, and technology infrastructure. We partner with business and technology stakeholders to enable effective risk management and support business objectives.

Reporting to the Director of Cybersecurity Governance & Compliance, this Senior Analyst role focuses on maturing Elsevier’s governance function. The position leads the development of a policy- and standards-driven governance program, defines and operationalizes the data lifecycle, and supports cybersecurity compliance certifications and related initiatives. The role partners closely with technology teams, product owners, and business stakeholders across the enterprise.

• Leading the design and implementation of a policy- and standards-driven cybersecurity governance program supported by GRC tooling
• Establishing and maturing a data governance and protection program across the full data lifecycle
• Defining and enforcing data classification, labeling, and handling requirements, including controls to prevent inappropriate data sharing
• Establishing and maintaining enterprise security governance structures, roles, and accountability
• Serving as a trusted advisor to business and technology stakeholders on governance, risk, and compliance matters
• Driving identification, escalation, and resolution of cybersecurity GRC risks and issues
• Supporting and maintaining cybersecurity compliance certifications and initiatives (e.g., ISO, PCI, HIPAA)
• Producing metrics, KPIs, and executive-level reporting to support risk-based decision making

• Possess extensive experience in cybersecurity governance, risk, and compliance programs
• Proven experience developing and managing security policies, standards, and controls
• Experience building or maturing enterprise data governance and data protection programs
• Working knowledge of security and compliance frameworks such as ISO 27001/27701, ISO 27017/27018, ISO 42001, HIPAA, PCI DSS, NIST 800-53/800-171, FedRAMP, and/or TX-RAMP
• Experience implementing and operating GRC platforms and security programs
• Possess project management, analytical, and problem-solving skills

CISSP, CISM, CISA, CHP, CHSS

Other information about the company is provided for context and is not necessary for the role description itself.

$78,800 - $131,300. Geographic differentials may apply in some locations to better reflect local market rates.

If performed in Maryland, the base pay range is $82,800 - $137,800. If performed in New Jersey, the base pay range is $93,016 - $148,584.

This job is eligible for an annual incentive bonus.

We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits.  () to access benefits specific to your location.

We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact

Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here.

Please read our Candidate Privacy Policy.

Qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.

EEO Know Your Rights.

RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results, and be more productive.

Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.

Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.