Deputy Chief Information Security Officer (DCISO) - Governance, Policy and Technical Compliance
RELX

Job:

At LexisNexis Reed Tech, we believe that whenever a person works on a patent and understands the future trajectory of a specific technology, that person has the potential to fundamentally change how society operates. We are proud to directly support and serve these innovators in their endeavors to better humankind. We enable innovators to accomplish more by helping them make informed decisions, be more productive, comply with regulations, and ultimately achieve superior results. Our overall success is measured by how well we deliver these results. This position is open to Horsham PA area or home based in the Northeastern US.

We are looking for a DCISO (Governance, Policy and Technical Compliance) to join our growing team. Reporting directly to the LNRT Chief Information Security Officer (CISO), you will provide highly technical leadership in governance, policy and compliance management for client solutions at LNRT and its partners. You will also lead Compliance Security projects for government solutions providing leadership in multiple ongoing key improvements for government clients of LexisNexis Reed Tech and its partners.

LexisNexis Reed Tech is offering an unparalleled opportunity for ambitious, driven individuals that wish to take advantage of working for an entrepreneurial brand backed by a $50+ Billion, global parent company and opportunities for advancement for top performers.

Accountabilities

As a/an DCISO (Governance, Policy and Technical Compliance), you will:

• Develop, maintain, and assure information security and risk management program governance, and technical compliance with policies, standards, protocols. Create and facilitate cyber security risk assessment processes, including oversight and reporting on remediation efforts.
• Collaborate with IT executive management to identify and understand the information assets that support critical business functions and assess and strategize to manage related cybersecurity risks in a manner consistent with the overall cybersecurity risk management program and business objectives.
• Direct information security risk management initiatives and provide technical implementation solutions of compliance controls across IT.
• Partner with CISO to advise executive management on cybersecurity risk and acceptable risk tolerances, ensuring protection and compliance with regulatory requirements.
• Partner with Security Operations detection activities and adjust compliance mitigations on cyber security threats and vulnerabilities; In partnership with IT and security operations direct the development and implementation of appropriate safeguards to ensure system resiliency, protect critical infrastructure services, and detect, contain, and respond to cybersecurity incidents.
• Direct the development of effective information security awareness training programs for employees, contractors, and users, and facilitate cyber preparedness exercises involving business, technical and partner representatives.
• Provide routine updates on cyber risks, incidents and priority initiatives, and work with executive management to prioritize initiatives and spending to reduce cybersecurity risk and improve the overall information security program.
• Maintain collaborative internal and external information sharing partnerships to assure the LNRT and parent company security leadership has timely and actionable strategic cooperative compliance plans.
• Manage business continuity and disaster recovery programs, plans and annual exercises to meet all compliance requirements.
• Lead, manage and develop LNRT policy for government and commercial business that incorporates and considers all parent company and federal guidance. Plan and improve policy and the CISO strategic plan to ensure technology stays ahead of emerging federal guidance and best practices.
• Collaborate with the CISO as it pertains to IT strategic planning, transformation initiatives, enterprise architecture and operations; procurement of services and solutions, secure system architecture, evaluation of security controls, configuration, and maintenance; enterprise security budget proposals; monitoring and reporting on spending; procuring and managing contracts related to managed security services; and performance metrics.
• Perform full range of supervisory responsibilities.
• Ensure a high level of quality in compliance deliverables and possess the technical acumen to guide and improve the technical implementation of compliance controls
• Develops and executes a communication plan related to compliance and risk strategies suitable for all levels of management and staff.
• Serve as key liaison with federal clients and relevant project stakeholders to achieve project objectives.

Qualifications

Education: Bachelor's degree in a technology discipline required, Masters preferred.

Minimum 5 years of experience or demonstrate equivalent competency that has equipped you with the particular knowledge, skills, and abilities to successfully perform the duties of the position. It must include serving as a lead with responsibility for managing federal compliance that includes cloud based and on premise network infrastructure and server implementations for a large, diverse, and geographically dispersed Information Technology organization.

Demonstrate experience working with the following IT and Security elements:

Cloud Migration into Federal based environments

FISMA based Federal ATO systems / FedRAMP

DISA STIG / CIS controls

Highly Desirable Qualifications:

Knowledgeable in implementation of Zero Trust Architecture compliance

Knowledgeable in zScaler implementation, Azure Sentinel, Azure Government, Virtual Desktop Migration

Familiar with federal contracting rules and management of federal contracts

Industry related certifications (PMP, CISSP, etc)

Understanding of Commercial IT Compliance (SOX, ISO 27K, SOC2, GDPR)

In addition to specialized experience, individuals must have IT-related experience demonstrating each of the four competencies listed below.
1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Conditions of Employment

• You must be a U.S. citizen to apply for this position.
• You must successfully pass a background investigation and achieve Public Trust security clearance.
• 30% Travel required for this position

LexisNexis, a division of RELX Group, is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact accommodations@relx.com or if you are based in the US you may also contact us on 1.855.833.5120.

Please read our Candidate Privacy Policy

This job has expired.