Security Compliance and Controls Specialist

  • Full Time
  • Location: London
  • Salary: Competitive


At Nuance, we empower people with the ability to seamlessly interact with their connected devices and the digital world around them. We are creating a world where technology thinks and acts the way people do by designing the most human, natural, and intuitive ways of interacting with technology. Our nimble technology uses analytics and advanced algorithms to transform the inanimate into animate and reduce complicated processes into simple ones. Join our Enterprise team…; great customer service starts here. We design virtual assistants for intelligent and effortless customer service, helping customers find the information they need using whatever channel they prefer. We also provide multi-modal biometric security solutions, including voice biometrics authentication, which provides a more human-like experience for consumers who are transacting on the go, whilst fighting the increase in fraud in online channels, phone, mobile, SMS and more.

Job Summary
The Security Compliance and Controls Specialist will be responsible for supporting the development, enforcement, maintenance and compliance of security and privacy programs within Nuance Enterprise. This is an autonomous role that allows you to work on your own initiative, taking full ownership of supporting relevant Enterprise compliance programs, policy and procedure development/management/compliance, pre-sales, legal collaboration and audit management.

The role will require an entrepreneurial mindset and offers an exciting, career-accelerating chance to work across a variety of customer verticals with Nuance’s fascinating cutting-edge technologies. The ability to use your own judgement based on past experiences and the analysis of information is essential.

There is also potential flexibility to work from home with your manager’s approval, as business needs allow.


Lead efforts in industry standards and regulatory compliance such as ISO 27001/27002, Cloud Security Alliance, PCI DSS, Data Protection (Privacy), and others
A thorough understanding of the Data Protection Act 1998, the EU GDPR and its implications for business and other organisations. Able to provide appropriate advice and practical support for current and emerging data protection laws
Participate in the broader Information Security governance process with Nuance Corporate and Divisional Security leaders, as needed
Lead and support internal/external audits, facilitate customer-driven and third-party security audits/assessments
Provide pre-sales support for all Enterprise products and services, as needed
Develop remediation plans in partnership with Legal, IT, Operations and other relevant groups
Communicate the company’s security stance, including compliance issues, risks, and incidents, to upper management and customers
Ideal experience: Information Systems audit, Consultant or related Information Security experience


Required Skills: 

Knowledge and experience specific to managing and reporting internal controls
Must be knowledgeable about ISO/IEC standards and PCI requirements; prior work experience in a PCI-compliant environment strongly preferred
Prior policy development and enforcement experience in a regulated environment
Knowledge of complex application, network, virtual environment security, and systems operations
Ability to translate business requirements and risks into policy and technology implementation
Knowledge of industry-accepted risk assessment and remediation procedures
Strong interpersonal skills with the ability to deal effectively with people at all organisational levels and external vendors
Ability to manage through ambiguity and be confident and effective in high-pace/high-demand environments
Excellent oral and written communications skills with the ability to prepare and deliver concise, understandable reports and presentations
Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility at all levels

Preferred Skills:

CIPP, CIPT or ISEB in Data Protection to Practitioner level
PCI Internal Security Assessor (PCI-ISA)
Networking and infrastructure knowledge
Experience with software development/QA life cycle (SDLC), Cloud/SaaS experience
Education: 4 Year / Bachelors Degree; Computer Science, Management Information Systems, Information Technology or a related discipline.
