Elsevier is revolutionizing the health care industry by delivering a knowledge and analytics platform that turns information into actionable clinical decision support. Utilizing Elsevier's premiere medical content, the platform powers products providing personalized, interactive trusted decision support for providers, patients and clinical students. Elsevier is a data-driven organization that is on the cutting edge of technology in support of improving patient outcomes and delivering essential educational tools and content for more effective health practitioners.
Fundamental to the success of Elsevier's mission is maintaining the integrity of the Elsevier network and data assets. We now have a new exciting opportunity within the Elsevier Global Security team for a CyberSecurity Risk Analyst. In this role you will be responsible for researching risk and emerging threats and establishing a cohesive strategy to assess its business impact and present this information to key business stakeholders. This is a critical role and the successful candidate will enjoy exposure to the highest levels of the Elsevier Technology and Security organisations.
* Act as the primary author of risk reports to highlight current architecture, mitigations and Cybersecurity Risk Posture including potential client impacts and cybersecurity related regulation at the federal, local and state levels. * Act as the focal point for information risk management in the organisation including resolution of any organisational or other escalated risk issues raised by Information Asset Owners, Information Security Officers, Auditors etc * Coordinating assessment and risk analysis activities, developing holistic risk reporting capabilities and establishing Key Performance Indicators to determine efficacy of controls. * Contribute to monitoring, testing as well as review and collaboration with IT operational teams and business units on their assessment of cybersecurity risks, including risk mitigation and management responses * Establish continuous improvement analysis for security processes and supporting research of emerging threats. * Coordinate response on customer audits and assessments, and participate in assessments of third party risk as part of our continuous monitoring program capability.
* 2-5 years of experience with information assurance, risk, and cybersecurity program governance ideally in complex global organizations * Experience with developing risk reports, automating risk analysis and following through on action plans * Understand the information risks faced by the organisation and its business partners ensuring that they are addressed, and that they inform investment decisions including outsourcing * Ensure that information risk assessment and mitigating actions taken benefit from an adequate level of independent scrutiny * Given the regular exposure to C-level colleagues you will possess excellent oral and written communication skills as well as excellent presentation skills. * Strong consulting skills to include negotiation, influencing, and problem solving coupled with flexibility and sound business judgment. * Solid analytical skills and understanding of processes, technology and operational concepts. * Well organized and possessing the ability to work under tight time constraints and adapt quickly to changing priorities. * Experience with established cybersecurity frameworks and regulations, including SOC Type1/2, NIST 800-53, NIST CSF, ISO27001, NHS IG, or common audit capabilities.
Elsevier is a global information analytics business that helps institutions and professionals progress science, advance healthcare and improve performance for the benefit of humanity. We help researchers make new discoveries, collaborate with their colleagues, and give them the knowledge they need to find funding. We help governments and universities evaluate and improve their research strategies. We help doctors save lives, providing insight for physicians to find the right clinical answers, and we support nurses and other healthcare professionals throughout their careers. Elsevier provides digital solutions and tools in the areas of strategic research management, R&D performance, clinical decision support, and professional education; including ScienceDirect, Scopus, SciVal, ClinicalKey and Sherpath. Elsevier publishes over 2,500 digitized journals, including The Lancet and Cell, more than 35,000 e-book titles and many iconic reference works, including Gray's Anatomy.
Elsevier is part of RELX Group, a global provider of information and analytics for professionals and business customers across industries. Elsevier employs over 7,000 people in more than 70 offices worldwide. We are an employer of choice, attracting and developing talented and creative people who thrive in a challenging and fast-paced environment. We offer an excellent compensation and benefits package as well as a real opportunity for career growth in a growing organization. Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact 1.877.###.#### or ...@relx.com.
Associated topics: attack, cybersecurity, forensic, identity, iam, information security, information technology security, malicious, security, violation
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.