Risk And Compliance jobs in United States

Client: Turnitin, LLC

Location: Newcastle upon Tyne, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Reference: 709d5ef48efc

Job Views: 6

Posted: 24.04.2025

Expiry Date: 08.06.2025

Turnitin is seeking an experienced Security GRC Analyst to join our Security & Compliance team. The Sr Security GRC Analyst will be responsible for ensuring that our information and cloud systems comply with relevant regulatory frameworks, industry standards, and internal policies. They will collaborate with various departments, monitor compliance, conduct assessments, and support initiatives to identify and mitigate risks.

We are looking for someone with strong analytical ability, attention to detail, effective communication, compliance experience, and a willingness to learn. This role requires hands-on work, critical thinking, and the ability to find new solutions for compliance.

This role reports to the GRC Information Security Manager.

1. Maintain compliance tracking capabilities to ensure adherence to Turnitin’s security program and standards such as NIST CSF, NIST 800-53, SOC 2, TX-RAMP, and PCI DSS.
2. Conduct risk and compliance assessments, audits, and evaluations to identify gaps.
3. Lead preparation and audit activities for SOC 2 Type 2 compliance.
4. Collaborate with internal teams and external auditors for reviews.
5. Respond to security questionnaires from customers in collaboration with sales and support teams.
6. Support Third-Party Risk Management (TPRM) Program and conduct third-party risk assessments.
7. Complete user access reviews.
8. Administer the GRC platform.
9. Develop and document security policies, standards, and processes.
10. Provide security awareness and phishing training to employees and promote a culture of security and compliance.
11. Coordinate phishing testing.
12. Work with DevOps, IT, Legal, Engineering, People Team, and other departments to integrate security controls and policies.
13. Suggest improvements and automation for team processes.

1. Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
2. 3+ years of experience in Information Security or Cybersecurity Compliance.
3. Professional certifications such as CCSK, AWS Cloud Practitioner, or similar.
4. Familiarity with cybersecurity frameworks and standards like NIST, SOC 2, TX-RAMP, PCI DSS.
5. Knowledge of risk management and security best practices.
6. Experience with security controls assessment, risk mitigation, and audits.
7. Understanding of AWS Cloud Infrastructure security.
8. Experience with security impact analysis for system changes.
9. Experience with security reviews and risk assessments to ensure compliance.
10. Experience conducting third-party risk assessments.
11. Contract review experience related to security requirements.
12. Highly organized and proactive, capable of managing multiple responsibilities.

1. Experience with SOC 2 audits or NIST authorizations.
2. Experience with Jira and Confluence.
3. Hands-on experience with Wiz, KnowBe4, Hyperproof.
4. Knowledge of security assessment of cloud services (AWS).
5. Entry-level cybersecurity certifications such as Security+, GSEC, or CISSP.

Additional Information

Turnitin offers a comprehensive Total Rewards package, including competitive pay, health and wellness programs, generous time off, and a remote-centric culture that supports purpose and accountability. We value diversity and inclusion, and our mission is to ensure the integrity of global education and improve learning outcomes.