Security Engineer II

About our team

LexisNexis Legal & Professional, which serves customers in more than 150 countries with 11,800 employees worldwide, is part of RELX, a global provider of information-based analytics and decision tools for professional and business customers. Our company has been a long-time leader in deploying AI and advanced technologies to the legal market to improve productivity and transform the overall business and practice of law, deploying ethical and powerful generative AI solutions with a flexible, multi-model approach that prioritizes using the best model from today's top model creators for each individual legal use case.

About the role

As Security Engineer II, you will be a self-starter and problem solver who has familiarity with compliance and industry frameworks and standards. You will need to be ready to enhance these skills as a member of our Compliance Team initially focusing on continuous control monitoring for our FedRAMP environment. Must have US Citizenship

Requirements

• Experience in control assessment, third party risk and/or cybersecurity
• Foundational knowledge of security frameworks (FedRAMP, ISO27k, NIST, etc.)
• Proven experience in vulnerability management, including identification, assessment, tracking, and remediation of security vulnerabilities across enterprise environments.
• Hands-on experience with security tools such as vulnerability scanners and SIEM platforms
• Experience with security automation using scripting languages
• Proficiency in Microsoft Power Automate, including building, maintaining, and troubleshooting automated workflows to support business and security operations
• Excellent problem-solving skills and ability to work independently or collaboratively in a fast-paced environment
• Good communication (verbal and written), interpersonal, with the ability to interact with key stakeholders to convey the operational impact of cybersecurity issues in a confident, organized manne
• Ability to monitor security systems for threats.
• Good problem-solving skills.
• Foundational knowledge of security environments.
• Installation/troubleshooting in web-based environments

Responsibilities

• Support Continuous Monitoring activities for FedRAMP and other compliance functions including, but not limited to NIST 800-53, ISO 27001 and Service Organization Control audits
• Update Continuous Monitoring documentation including Plan of Action and Milestones (POA&M), Deviation Requests and Monthly Executive Summary
• Perform a variety of daily activities to ensure FedRAMP security controls remain in compliance. Includes monitoring and assessing daily vulnerability reports related to FedRAMP-authorized systems to ensure compliance with federal security standards.
• Identify, track, and report emerging threats and vulnerabilities, coordinating with internal teams to support timely remediation efforts.
• Ensure all FedRAMP Continuous Monitoring documentation is submitted in a timely manner
• Work closely with internal and external auditors and act as a liaison to collect, prioritize and distribute details for FedRAMP audit

• Maintain awareness of updates to FedRAMP requirements and integrate relevant changes into monitoring processes. Requires monitoring laws and regulations to maintain FedRAMP ATO status
• Ability to work with multiple teams to drive reduction in risks and improve overall compliance
• All other duties as assigned

Work in a way that works for you

Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive. We promote a healthy work/life balance across the organization. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

Working for you

We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:

• Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits
• Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
• Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
• Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
• Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
• Health Savings, Health Care, Dependent Care and Commuter Spending Accounts
• Up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice

About the business

LexisNexis Legal & Professional® provides legal, regulatory, and business information and analytics that help customers increase their productivity, improve decision-making, achieve better outcomes, and advance the rule of law around the world. As a digital pioneer, the company was the first to bring legal and business information online with its Lexis® and Nexis® services.