Elanco · 12 hours ago
Information Security Business Analyst for Legal and Compliance
Indianapolis, IN
Full-time
Hybrid
Senior Level
5+ years expElanco is a global leader in animal health dedicated to innovation and delivering products and services for farm animals and pets. They are seeking a motivated Business Analyst focused on Legal & Compliance to analyze business processes, identify compliance risks, and implement information security solutions that align with legal and ethical obligations.
ManufacturingPetLogisticsSupply Chain Management
Responsibilities
Drive legal and regulatory cybersecurity priorities in partnership with Legal, Compliance, Privacy, Risk, and Technical Security, balancing risk management, business needs, and regulatory obligations across the organization
Partner with business, Legal, and IT teams to embed security, privacy, and compliance requirements into business processes, systems, and third-party engagements using risk-based and secure-by-design principles
Support regulatory exams, audits, and legal inquiries related to information security
Translate cybersecurity, legal, and compliance risks into clear business language for leadership, including presenting risk assessments, metrics, compliance status, and risk acceptance recommendations to executive stakeholders
Build strong relationships with internal stakeholders and selective external partners (vendors, suppliers, and service providers) to assess, manage, and reduce third-party cyber, legal, and compliance risks
Support governance, risk, and compliance (GRC) programs by helping define, implement, and socialize policies, standards, and control requirements, and by promoting security- and compliance-aware behaviors across the business
Monitor compliance and drive remediation efforts to improve the organization’s security and compliance posture, ensuring alignment with internal policies, industry frameworks (e.g., NIST, ISO), contractual obligations, and regulatory requirements
Stay current on evolving regulatory requirements, legal expectations, and cybersecurity risk trends, and help translate those changes into practical guidance, controls, and business-ready solutions
Qualification
Required
Bachelor's degree in Information Technology, Computer Science, Business Administration, Legal Studies, or a related field. Equivalent years of experience in lieu of a degree will be considered and supported
5+ years of experience as a Business Analyst, preferably within an information security, legal, or compliance department
Demonstrated experience working with legal and regulatory frameworks such as GDPR, CCPA, HIPAA, GxP, SOX, etc
Experience in risk management, audit, or compliance functions is a strong plus
Experience working within a BISO or similar security governance organization is highly desirable
Strong analytical and problem-solving skills
Excellent written and verbal communication skills, with demonstrated ability to explain technical, security, and legal concepts clearly to non-technical and executive audiences
Proven experience producing high-quality documentation, including business and security requirements, control specifications, process flows, and use cases
Solid understanding of information security principles, control frameworks, and assurance standards (e.g., NIST 2.0, ISO 27001, SOC 2) and their application in regulated environments
Strong organizational skills, attention to detail, and ability to manage multiple priorities in a fast-paced, global environment
Ability to work independently while effectively collaborating across cross-functional and geographically distributed teams
Experience supporting third-party risk management, vendor security assessments, and contractual security reviews
Working knowledge of privacy regulations and data protection concepts and their security implications
Understanding risk management practices, control design, and security governance processes across the solution lifecycle
Demonstrated business acumen with the ability to understand business objectives and translate them into risk-informed security requirements and controls
Strong learning agility with the ability to quickly absorb new regulatory, technical, and business concepts
Proven ability to influence, negotiate, and drive alignment
Demonstrated ability to establish and leverage trusted relationships with Legal, Compliance, Privacy, Security, and business stakeholders to advance governance and risk objectives
Experience operating in a global organization with distributed stakeholders and complex regulatory environments
Preferred
Relevant certifications such as CISA, CISM, CRISC, GRC, CISSP, IAPP, CIPP/E, or CIPM (or equivalent)
Benefits
Multiple relocation packages
Two weeklong shutdowns (mid-summer and year-end) in the US (in addition to PTO)
8-week parental leave
9 Employee Resource Groups
Annual bonus offering
Flexible work arrangements
Up to 6% 401K matching
Company
Elanco
Elanco is an animal health company that manufactures and markets a diverse range of products to promote animal health and well-being.
5001-10000 employees
H1B Sponsorship
Elanco has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (9)
Funding
Current Stage
Public CompanyTotal Funding
$252.86MKey Investors
AncoraBill & Melinda Gates Foundation
2023-12-30Post Ipo Equity· $250M
2018-09-19IPO
2017-05-24Grant· $2.86M
Leadership Team
Dave Kinard
Executive Vice President Human Resources, Corporate Affairs & Administration
Justine Conway
Global Head of Business Development and External Innovation
Recent News
2026-01-03
2025-12-18
Company data provided by crunchbase