at RELX INC in Augusta, Maine, United States
Business Information Security Officer/ Application Security
Do you have experience working in Installation and troubleshooting web- based environments?
Are you a strategic planner and problem-solver?
Join us in shaping a more just world.
LexisNexis, a part of RELX, is a leading global provider of legal, regulatory, and business information. We help customers increase productivity and improve decision-making and outcomes. Our 10,500 experts and innovative tools help us shape a better world for our customers and communities.
About the Role
This is an exciting opportunity to have a global impact on information security for LexisNexis Reed Technology to enhance our Culture of Security. The Business Information Security Officer (BISO) will serve as the primary point of contact between the Cyber team and our government business line, becoming a subject-matter expert to drive faster outcomes and address security issues. This is a high exposure role requiring influence and collaboration, with a passion for delivering speed to market for the business while ensuring a high level of security risk mitigation.
We are searching for an individual with strong technical leadership to execute security processes with minimal guidance and security experience. The BISO will be responsible for developing, implementing and monitoring traditional and cloud information and network security, focusing on network security, vulnerability assessment, risk assessments and secure software development lifecycle best practices by reviewing existing tools, applications and processes to help strengthen and optimize current capabilities, as well as identify gaps or technical solutions to further enhance cybersecurity effectiveness.
Conditions of Employment:
+ You must be a U.S. citizen to apply for this position.
+ You must successfully pass a background investigation and achieve Public Trust security clearance.
+ Remote preference East Coast
+ Expert working with OWASP, NIST and ISO security standards and frameworks
+ Strong knowledge of enterprise application architectures, cloud architectures and related security principles
+ Strong application security background with a focus on providing practical technical guidance to engineering teams to make products more secure
+ Experience with threat modeling, security design reviews, security architecture and pen testing
+ Working knowledge of application security concepts and best practices
+ Experience with static and dynamic security tools
+ Experience working with engineers to communicate vulnerabilities and implement security measures
+ Certification required (at least one of the following): CISSP, SANS, GIAC (or related), CEH and/or other security risk assessment certification
+ Ability to analyze potential threats and vulnerabilities to our systems, applications and processes and make sound recommendations to key stakeholders at all levels of management for implementation of controls based on knowledge of security policies, procedures and enterprise controls
+ Educate and mentor stakeholders on threat modeling frameworks, processes and principles
+ Excellent communication (verbal and written); interpersonal; customer service and presentation skills with the ability to interact with all levels of management to convey cybersecurity and risk management best practices
+ Strong project management and delegation skills in prioritizing and reprioritizing projects of various size and complexity across multiple functional groups and departments
+ Assess security metrics to track progress towards a successful security program implementation and execute on opportunities to achieve program maturity
+ Maintain communication with leadership, peers and security contacts inside and outside of the organization to understand and evaluate emerging threats to develop and disseminate information regarding security controls and newly identified risks.
+ Stay up to date with latest security trends, technologies, vulnerabilities and attacks and incorporating this knowledge into threat models
+ Review technology vendor security capabilities to determine whether they meet business needs and requirements
+ All other duties as assigned
Work in a way that works for you
We promote a healthy work/life balance across the organization, with various flexible and remote working options available to employees
Working with Us
LexisNexis Legal & Professional is proud to be an equal-opportunity employer. We are committed to equal opportunity employment regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Together, we are building a diverse and inclusive workplace.
Working for you
We believe in a healthy work/life balance. We know that your well-being and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer: – Comprehensive, multi-carrier health plan benefits – Disability insurance – Dependent care and commuter spending accounts – Life and accident insurance – Retirement benefits (salary investment plan/employer stock purchase plan) – Modern family benefits, including adoption and surrogacy.
About our Team
RELX is a global provider of information and analytics for professional and business customers across industries.
We help scientists make new discoveries, lawyers win cases, doctors save lives and insurance companies offer customers lower prices. We save taxpayers and consumers money by preventing fraud and help executives forge commercial relationships with their clients.
In short, we enable our customers to make better decisions, get better results and be more productive.