Relx Group

Senior Security Engineer II

Relx Group$95K — $158K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a technical field or equivalent experience.
  • 5+ years in security, compliance, or audit-focused engineering roles.
  • Hands-on experience with compliance-as-code and automated frameworks.
  • Proven ability to lead ISO/IEC 27001 and SOC 2 audits end-to-end.
  • Familiarity with additional frameworks like Cyber Essentials and NIST.
  • Strong understanding of NIST SP 800-63 and identity controls.
  • Experience managing GRC platforms like AuditBoard or Drata.

Responsibilities

  • Lead audits across multiple compliance frameworks.
  • Own the full audit lifecycle from planning to remediation.
  • Set direction for the organization's compliance program.
  • Map controls across frameworks to improve efficiency.
  • Implement compliance-as-code practices in workflows.
  • Integrate compliance checks into CI/CD pipelines with engineering teams.
  • Administer and optimize the GRC platform, maintaining audit-ready documentation.

Benefits

  • Country-specific benefits tailored to employee well-being.
  • Annual incentive bonus opportunity.
Full Job Description
This position is a Hybrid role on site in the Raleigh N.C. office 2-3 days a week.

Senior Security Engineer II - Compliance Automation & Controls

About the Role

We are seeking a Senior Security Engineer to design and implement a scalable Governance, Risk, and Compliance (GRC) foundation across our cloud-based environment. This role will focus on standardizing controls, improving ownership visibility, and enabling automated evidence collection to support continuous compliance across SOC 2, ISO 27001, Cyber Essentials, and related frameworks. This is a transformation-focused role. The successful candidate will partner with compliance, security, and engineering teams to move the organization from a manual, audit-driven model to a structured, automation-enabled GRC program.

Responsibilities

GRC Platform Implementation & Automation
• Lead implementation and administration of a GRC platform (e.g., Vanta)
• Configure controls, evidence mapping, and integrations (AWS, identity systems, etc.)
• Establish automated evidence collection and continuous monitoring
• Reduce reliance on manual evidence gathering

Control Framework Development
• Develop and maintain a unified control framework aligned to SOC 2, ISO 27001, and other standards
• Define control statements, evidence requirements, and testing expectations
• Map controls across frameworks to reduce duplication
• Maintain traceability between controls and evidence

Ownership & System Mapping
• Establish team-based ownership model for controls
• Align systems and services to responsible teams
• Maintain lightweight system inventory
• Improve ownership visibility to reduce audit coordination overhead

Audit Enablement
• Support audit readiness through well-defined and monitored controls
• Partner with compliance team to streamline audits
• Enable evidence reuse across frameworks

Process Standardization & Continuous Improvement
• Standardized documentation and workflows
• Improve efficiency and reduce audit fatigue
• Support policy and standards development
• Define and track compliance metrics, leveraging automation and data analytics to support continuous audit readiness and control effectiveness
• All other duties as assigned

Requirements
• Bachelor's degree in Computer Science, Information Security, Information Systems, or a related technical field, or equivalent practical experience
• 5+ years of experience in security, compliance, or audit-focused roles
• Proven experience leading ISO/IEC 27001 and SOC 2 audits end-to-end
• Hands-on experience with a GRC platform (AuditBoard, Drata, Vanta, or similar) - required
• Strong understanding and experience with control frameworks
• Ability to translate technical implementations into audit-ready controls and documentation
• Strong stakeholder management and auditor-facing communication skills
• Experience in cloud-native or SaaS environments (AWS, Azure, or GCP preferred)

Preferred Qualifications
• Experience with automation and continuous compliance
• Certifications such as CISSP, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor
• Multi-framework experience
• Experience scaling compliance programs in high-growth environments

Work in a way that works for you

We promote a healthy work/life balance across the organization, with various flexible and remote working options available to employees

Working for you

We believe in a healthy work/life balance. We know that your well-being and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:

- Comprehensive, multi-carrier health plan benefits - Disability insurance - Dependent care and commuter spending accounts - Life and accident insurance - Retirement benefits (salary investment plan/employer stock purchase plan) - Modern family benefits, including adoption and surrogacy

#AIFluent
U.S. National Base Pay Range: $95,300 - $158,800. Geographic differentials may apply in some locations to better reflect local market rates.This job is eligible for an annual incentive bonus.
We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits. Click here to access benefits specific to your location.

About Relx Group

RELX Group is a global provider of information-based analytics and decision tools for professional and business customers. The company operates in four market segments: scientific, technical and medical; risk and business analytics; legal; and exhibitions. RELX's products and services include electronic databases, online information services, workflow tools, and print and digital books. The company was founded in 1993 and is headquartered in London, England.
Learn more about Relx Group
Size
33,500 employees
Market Cap
$53.1 billion
Industry
Net Income
$1.2 billion
Founded
2018
5 Year Trend
+1%
Revenue
$7.1 billion
NASDAQ

Similar Jobs

More Jobs at Relx Group

More Information Technology Jobs

Find similar Senior Security Engineer II jobs: