Company Overview

At Nuance, we empower people with the ability to seamlessly interact with their connected devices and the digital world around them. We are creating a world where technology thinks and acts the way people do by designing the most human, natural, and intuitive ways of interacting with technology.

Our nimble technology uses analytics and advanced algorithms to transform the inanimate into animate and reduce complicated processes into simple ones.

The Nuance Global IT team is focused on supporting the company and employees with technical solutions and expertise that help the business run more efficiently, ensure security and data privacy, and support new IT infrastructure initiatives that drive innovation. Our team is composed of problem solvers with constant curiosity and different perspectives who love to collaborate to transform and rethink IT.

Job Summary

Summary: This position is responsible for key aspects of Nuance’s security governance and compliance program within the divisions. Works alongside development, operations, and IT management to understand existing solutions and provide advice in control implementation. The individual will work with the division to evaluate the design and effectiveness of the control environment, both operational and technical, develop trending for remediation efforts and overall compliance with operational standards, and build compliance programs including detailed exception reporting and monitoring requirements. Will plan and lead compliance testing controls assessment and documentation across all domains for HITRUST, ISO27001, SOCII, and other compliance requirements as needed.

Responsibilities:

• Support and maintain the divisions’ information security governance, risk and control frameworks
• Maintain awareness of external regulations for new or changed requirements within the divisions (HIPAA, HITRUST, PCI, ISO27001, etc.)
• Coordinate with internal and external auditors
• Review audit results with the division providing observations, recommendations and conclusions
• Monitor and lead internal compliance against information security governance framework by conducting testing and internal control reviews and risk assessments.
• Participates in pre-sale activities to efficiently convey how customer requirements map to corporate policies and the divisions’ controls
• Prepares accurate, timely oral and written communications to division management.

Qualifications

Number of Years of Work Experience: 5

Required Skills:

• Information Security technology background
• Well versed in security policies
• Strong understanding of HIPAA, HITRUST, SSAE 18 and similar
• Understanding of common security technologies
• Understanding of the information security vendor landscape
• Well versed in security governance, risk & compliance and security audit practices
• Knowledge of network security, systems security, and application security

Preferred Skills:

• Project management experience
• International experience or knowledge
• IT Audit/Compliance experience desired
• Helpful to have knowledge of one or more GRC platforms
• CISSP, CISM, CISA, and other such credentials

Education: Bachelor’s degree in related field 

Additional Information

Nuance offers a compelling and rewarding work environment. We offer market competitive salaries, bonus, equity, benefits, meaningful growth and development opportunities and a casual yet technically challenging work environment. Join our dynamic, entrepreneurial team and become part of our continuing success.  

Nuance Communication Inc.  is an equal opportunity employer.  We evaluate qualified applicants without regard to race, age, color, religion, sex, national origin, disability, veteran status, gender identity, sexual orientation and other legally protected characteristics. The EEO is the Law poster and its supplement is available here. If you need a reasonable accommodation because of a disability for any part of the employment process, please call 781-565-5086 – Human Resources Department and let us know the nature of your request and your contact information.