Senior Security Engineer II
Listed on 2026-07-18
-
IT/Tech
Cybersecurity, Information Security
This position is a Hybrid role on site in the Raleigh, N.C. office 2–3 days a week.
About the CompanyLexis Nexis, a part of RELX, is a leading global provider of legal, regulatory, and business information. We help customers increase productivity and improve decision‑making and outcomes.
About the RoleWe are seeking a Senior Security Engineer to design and implement a scalable Governance, Risk, and Compliance (GRC) foundation across our cloud‑based environment. This role will focus on standardizing controls, improving ownership visibility, and enabling automated evidence collection to support continuous compliance across SOC2, ISO
27001, Cyber Essentials, and related frameworks. It is a transformation‑focused role that will partner with compliance, security, and engineering teams to move the organization from a manual, audit‑driven model to a structured, automation‑enabled GRC program.
- Lead implementation and administration of a GRC platform (e.g., Vanta)
- Configure controls, evidence mapping, and integrations (AWS, identity systems, etc.)
- Establish automated evidence collection and continuous monitoring
- Reduce reliance on manual evidence gathering
- Develop and maintain a unified control framework aligned to SOC2, ISO
27001, and other standards - Define control statements, evidence requirements, and testing expectations
- Map controls across frameworks to reduce duplication
- Maintain traceability between controls and evidence
- Establish team‑based ownership model for controls
- Align systems and services to responsible teams
- Maintain lightweight system inventory
- Improve ownership visibility to reduce audit coordination overhead
- Support audit readiness through well‑defined and monitored controls
- Partner with compliance team to streamline audits
- Enable evidence reuse across frameworks
- Standardize documentation and workflows
- Improve efficiency and reduce audit fatigue
- Support policy and standards development
- Define and track compliance metrics, leveraging automation and data analytics to support continuous audit readiness and control effectiveness
- All other duties as assigned
- Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related technical field, or equivalent practical experience
- 5+ years of experience in security, compliance, or audit‑focused roles
- Proven experience leading ISO/IEC 27001 and SOC2 audits end‑to‑end
- Hands‑on experience with a GRC platform (Audit Board, Drata, Vanta, or similar) – required
- Strong understanding and experience with control frameworks
- Ability to translate technical implementations into audit‑ready controls and documentation
- Strong stakeholder management and auditor‑facing communication skills
- Experience in cloud‑native or SaaS environments (AWS, Azure, or GCP preferred)
- Experience with automation and continuous compliance
- Certifications such as CISSP, CISA, CRISC, or ISO
27001 Lead Implementer/Auditor - Multi‑framework experience
- Experience scaling compliance programs in high‑growth environments
- Comprehensive, multi‑carrier health plan benefits
- Disability insurance
- Dependent care and commuter spending accounts
- Life and accident insurance
- Retirement benefits (salary investment plan/employer stock purchase plan)
- Modern family benefits, including adoption and surrogacy
Lexis Nexis Legal & Professional is proud to be an equal‑opportunity employer. We are committed to equal opportunity employment regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Together, we are building a diverse and inclusive workplace.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).