Jobs · Information Technology · North Carolina

Senior Security Engineer II

LexisNexis · Raleigh, NC · 2 mo ago
Information Technology$95k–$159k/yrFull-time

About the role

This position is a Hybrid role on site in the Raleigh, N.C. office 2-3 days a week. Senior Security Engineer II - Compliance Automation & Controls

Responsibilities

  • Lead implementation and administration of a GRC platform (e.g., Vanta)
  • Configure controls, evidence mapping, and integrations (AWS, identity systems, etc.)
  • Establish automated evidence collection and continuous monitoring
  • Reduce reliance on manual evidence gathering
  • Develop and maintain a unified control framework aligned to SOC 2, ISO 27001, and other standards
  • Define control statements, evidence requirements, and testing expectations
  • Map controls across frameworks to reduce duplication
  • Maintain traceability between controls and evidence
  • Establish team-based ownership model for controls
  • Align systems and services to responsible teams
  • Improve ownership visibility to reduce audit coordination overhead
  • Audit Enablement
  • Support audit readiness through well-defined and monitored controls
  • Partner with compliance team to streamline audits
  • Enable evidence reuse across frameworks
  • Process Standardization & Continuous Improvement
  • Standardize documentation and workflows
  • Improve efficiency and reduce audit fatigue
  • Support policy and standards development
  • Define and track compliance metrics, leveraging automation and data analytics to support continuous audit readiness and control effectiveness

Requirements

  • Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related technical field, or equivalent practical experience
  • 5+ years of experience in security, compliance, or audit-focused roles
  • Proven experience leading ISO/IEC 27001 and SOC 2 audits end-to-end
  • Strong understanding and experience with control frameworks
  • Strong stakeholder management and auditor-facing communication skills
  • Experience in cloud-native or SaaS environments (AWS, Azure, or GCP preferred)

Preferred Qualifications

  • Experience with automation and continuous compliance
  • Certifications such as CISSP, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor
  • Multi-framework experience
  • Experience scaling compliance programs in high-growth environments

Similar jobs

Senior Security Engineer II

BerryDunn — Assurance, Tax and ConsultingUnited States· 3 mo ago
RemoteInformation Technology$155k–$180k/yrapply on careers-berrydunn.icims.com