Relx Group

Manager Security Compliance and Risk Management

Relx Group$118K — $219K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in information security, compliance, or risk management
  • Proven leadership skills with experience managing a team
  • Strong understanding of audit, compliance, and continuous monitoring processes
  • Familiarity with regulatory frameworks such as NIST CSF, ISO 27001, and SOC 2
  • Excellent communication skills for interfacing with executives and stakeholders
  • Demonstrated ability in risk assessment and mitigation strategies
  • Experience in managing FedRAMP Continuous Monitoring activities

Responsibilities

  • Manage and develop a team of security engineers
  • Establish team priorities and delegate tasks effectively
  • Cultivate a culture of accountability and continuous improvement
  • Oversee the enterprise technology risk register
  • Lead the risk exception and acceptance process
  • Advise stakeholders on compliance and risk management issues
  • Coordinate enterprise control management activities

Benefits

  • Country-specific benefits related to well-being and happiness
  • Eligibility for an annual incentive bonus
Full Job Description

Manager, Security – Security Compliance & Risk Management

Function: Information Security / Compliance & Risk 

Location: [Raleigh / Hybrid] 

 

 

About the Role 

The Manager, Security – Security Compliance & Risk Management is responsible for leading the Security Compliance and Risk Management function within the Information Security organization. This role owns the frameworks, processes, and programs that provide structured oversight of technology and security risk across the company. This manager serves as a critical bridge between the security program and the business — translating risk into actionable insight for executives, boards, auditors, regulators, and customers. 

This is a people manager role overseeing a team of security engineers responsible for the day-to-day operationalization of audit, compliance, control, and FedRAMP Continuous Monitoring activities. The right candidate is both a capable program builder and an engaged people leader who can develop talent, allocate work effectively, and drive consistent execution across the team. 

 

 

Core Responsibilities 

People Leadership 

  • Manage, mentor, and develop a team of security engineers 

  • Set clear priorities, delegate work effectively, and maintain team capacity across concurrent audit, compliance, and ConMon activities 

  • Foster a culture of quality, accountability, and continuous improvement within the team 

 

Risk Management 

  • Own and operate the enterprise technology and security risk register, including risk identification, scoring, tracking, and reporting 

  • Lead the risk exception and risk acceptance process, ensuringappropriate documentation, approvals, and periodic review

  • Drive identification, escalation, and resolution of cybersecurity risks and issues across the organization

  • Serve as a trusted advisor to business and technology stakeholders on compliance and risk matters

  • Provide risk-based reporting to support executive and board-level decision-making on the state of the security program

Compliance & Control Governance 

  • Oversee enterprise control management activities, including control design, testing, effectiveness tracking, issue management, and remediation 

  • Map controls to applicable frameworks including NIST CSF, ISO 27001, SOC 2, and other relevant technology-sector obligations 

  • Support and maintain cybersecurity compliance certifications and initiatives (e.g., ISO 27001, SOC 2, Cyber Essentials) 

  • Perform regulatory horizon scanning to identify emerging compliance requirements and assess organizational impact 

  • Coordinate and monitor recurring security and compliance assessments, including internal reviews, control self-assessments, and gap analyses 

  • Develop and maintain metrics that measure organizational adherence to security policies, and report findings to leadership with recommendations for remediation where gaps exist 

 

Audit & Assurance Operationalization 

  • Oversee the team’s end-to-end execution of audit engagements, ensuring the audit calendar, evidence collection, issue tracking, and management responses are completed accurately and on time 

  • Serve as the primary interface for internal audit, external auditors, regulators, and customer assurance reviews, directing team members on their respective workstreams 

  • Ensure cross-functional coordination is in place so that business and technical stakeholders are audit-ready and delivering evidence on time 

  • Oversee the maintenance and integrity of the assurance evidence library to support efficient, repeatable, and high-quality audit response across all engagements 

 

FedRAMP Continuous Monitoring 

  • Provide oversight and direction for the FedRAMP Continuous Monitoring program, ensuring allConMonobligations are met in accordance withFedRAMP requirements

  • Oversee the team’s execution of recurringConMonactivities, ensuring deliverables are accurate,timely, and aligned with agency expectations

  • Ensure findings and remediation activities are tracked and managed to resolution within requiredtimeframes

  • Serve as an escalation point forConMon-related issues and interface with relevant stakeholders on program status and risk

U.S. National Base Pay Range: $118,300 - $219,800. Geographic differentials may apply in some locations to better reflect local market rates. This job is eligible for an annual incentive bonus.

We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits. Click to access benefits specific to your location.

About Relx Group

RELX Group is a global provider of information-based analytics and decision tools for professional and business customers. The company operates in four market segments: scientific, technical and medical; risk and business analytics; legal; and exhibitions. RELX's products and services include electronic databases, online information services, workflow tools, and print and digital books. The company was founded in 1993 and is headquartered in London, England.
Learn more about Relx Group
Size
33,500 employees
Market Cap
$53.1 billion
Industry
Net Income
$1.2 billion
Founded
2018
5 Year Trend
+1%
Revenue
$7.1 billion
NASDAQ

Similar Jobs

More Jobs at Relx Group

More Information Technology Jobs

Find similar Manager Security Compliance and Risk Management jobs: