LexisNexis® Risk Solutions Group is a portfolio of brands that span multiple industries providing customers with innovative technologies, information-based analytics and decision tools and data services that help businesses and governmental entities reduce risk and improve decisions to benefit people around the globe. Headquartered in metro Atlanta, Georgia, we have offices throughout the world and are part of RELX (LSE: REL/NYSE: RELX), a global provider of information and analytics for professional and business customers across industries. For more information, please visit risk.lexisnexis.com/group and www.relx.com.

LexisNexis Risk is supportive of women in Technology and has been a founding signature for the Tech Talent Charter. We have the following initiatives in place to support women in technology: Mentoring scheme for women in technology, Women’s network forum, regularly run events for schools about careers in technology to inspire the next generation of girls in technology.

Our Technology Culture:

Explore our culture of Technologists using big data to solve complex problems. We cultivate a collaborative, supportive environment where every one of our people has the Freedom to innovate, Space to be original and Trust to find your own path.

BASIC FUNCTIONS: Engages with internal and external customers, auditors, providers, and regulators to manage and facilitate security/compliance assessment exercises and audits. This includes but not limited to controls, vulnerability, and compliance assessments with related initiatives.  Identify and drive security improvement organizationally.  This position will support solutions that use technologies and processes to ensure the confidentiality, integrity, and availability of the organization’s assets, information, data, and IT services in an efficient manner through partnerships with adjacent InfoSec groups and consult across the business and technology. 

QUALIFICATIONS:

• 10+ years of IT security and information technology experience

• BS Engineering/Computer Science or equivalent experience required

• Licensing/certification preferred (at least one of the following): CISSP, CISM, CISA (or related), and/or security risk assessment certification

TECHNICAL SKILLS:

•             Advanced knowledge of security environments and strong technical foundation (on premises data centers, colocation providers and cloud service provider environments)

•             Advanced knowledge of cloud technology and associated security tools

•             Ability to liaise with auditors/clients and ensuring that any information security audits/assessments are completed satisfactorily

•             Strong organization/project planning, time management, and change management skills across multiple functional groups and departments, and strong delegation skills involving prioritizing and reprioritizing projects and managing projects of various size and complexity.

•             Advanced problem-solving experience involving leading teams in identifying, researching, and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues; prior success extracting/translating findings into alternatives/solutions; and identifying risks/impacts and schedule adjustments to facilitate management decision-making.

•             Remain current on industry standards for security in a technology environment.

•             Act as a client-facing InfoSec SME, working directly with clients and other internal/external parties

•             Facilitate on-site audits with clients

•             Respond to InfoSec RFI’s, questionnaires, and RFP’s

•             Log, track, action, and follow-up on all audit findings raised

•             Assist with maintaining policies, procedures, controls, SIGs and other documentation

•             Work with Legal teams to sure LexisNexis is adequately protected within contractual arrangements with vendors

•             To facilitate group training sessions relating to information security and cyber-defense

•             Attend certification audits

•             Attend and provide input on formal internal audits, liaising with consultants where appropriate

•             Understanding and implementation of standard security policies, standards and procedures

•             Advanced Understanding of vulnerability management

•             Advanced understanding of monitoring/alerting tools and implementation

•             Advanced understanding of governance and control implementation

•             Advanced understanding of system / security / development life cycle

SOFT SKILLS INCLUDED:

•             Excellent problem solving skills

•             Proficient Presentation skills

•             Self-starter with the ability to operate independently and be able to provide direction

•             Lead / Promote critical thinking

•             Able to lead discussions in group or team setting

•             Solid understanding of Project Management (ie. Industry Certifications, SOC Assessments, etc)

•             Proficient communication (verbal and written) and customer service skills. Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management, customers, internal staff, etc., including diction/terminology and presenting information in a concise and effective manner to clients, management, and various departments using assorted communication mediums.

ACCOUNTABILITIES:

•             Extensive knowledge and understanding of organizational policies and procedures as it relates to security, privacy, confidentiality, processing integrity and product delivery

•             Participate in timely fulfilment of customer requests commensurate to the request type (internal/external), security assessments and audits, interacting with internal and external stakeholders and auditors

•             Aggregates and provides evidence as required to assess control effectiveness in the context of an assessment process

•             Assist with compliance and promote security policies

•             Support appropriate security and risk frameworks as required for various business verticals (ie. ISO 27001, NIST 800 Series, FedRAMP, SOC, PCI, etc)

•             Support and Advise Legal and RFP Team on compliance with proposed customer agreements / contracts

•             Communicate problems and solutions to peers and management as applicable.

•             Compliance and governance: help achieve organizational initiatives and compliance and promote appropriate security policies

•             Facilitate communication with peers throughout the organization and security contacts including business units and subsidiary locations; disseminate information regarding security controls and newly identified risks.

•             Assess and measure security programs to ensure alignment with organizational directives.

•             Remain current on industry standards for security in a technology environment.

•             Manage an organized repository of information as directed (ie. confluence, sharepoint, virtual data rooms, etc)

•             All other duties as assigned

At LexisNexis Risk Solutions, having diverse employees with different perspectives is key to creating innovative new products for our global customers. We have 30 diversity employee networks globally and prioritize inclusive leadership and equitable processes as part of our culture. Our aim is for every employee to be the best version of themselves. We would actively welcome applications from candidates of diverse backgrounds and underrepresented groups. 

We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: https://forms.office.com/r/eVgFxjLmAK , or please contact 1-855-833-5120.

Please read our Candidate Privacy Policy.