Consulting/Principal Security Engineer

BASIC FUNCTIONS: This position will provide strategic and tactical technical direction in one or more or key areas, providing management with insight and input into overall strategic decision based on advances in technology. The position also supports the Information Security departments goals and objectives by addressing escalations, and evaluation of technology controls providing key insight and research in new threats, vulnerabilities, and mitigation techniques. This position will take the lead in designing creative solutions that use technologies and processes to ensure the confidentiality, integrity, and availability of the organizations assets, information, data, and IT services in an efficient manner. QUALIFICATIONS: 10+ years of IT security experience BS Engineering/Computer Science or equivalent experience required; advanced degree preferred Licensing/certification required (at least one of the following): CISSP, CISM, SANS, GIAC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification TECHNICAL SKILLS: Advanced knowledge of security environments. Ability to conduct technical risk assessments for new applications and third parties. Understanding of compliance and governance initiatives. Analysis of security events for anomalous activity. Identification of emerging security threats. Able to develop and implement security programs. Vulnerability assessment, threat analysis, and reporting. Understanding and promotion of security policies. Strong ability to monitor security systems for threats. Advanced knowledge of security environments. Installation/troubleshooting in web-based environments. Strong organization/project planning, time management, and change management skills across multiple functional groups and departments, and strong delegation skills involving prioritizing and reprioritizing projects and managing projects of various size and complexity. Advanced problem-solving experience involving leading teams in identifying, researching, and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues; prior success extracting/translating findings into alternatives/solutions; and identifying risks/impacts and schedule adjustments to facilitate management decision-making. Advanced communication (verbal and written) and customer service skills. Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management, customers, etc., including diction/terminology and presenting information in a concise and effective manner to clients, management, and various departments using assorted communication mediums. ACCOUNTABILITIES: Conduct technical risk assessments, such as vulnerability scanning, penetration testing, risk reviews for new applications, and third-party risk assessments. Responsible for handling service requests from the Business and Technology teams. Responsible for analyzing/validating the requirements, defining the access rules, scripting the changes, and providing troubleshooting support related to any access issues. Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current capabilities, as well as identifying any gaps or technical solutions to further enhance the teams effectiveness. Communicate problems and solutions verbally and in written form to peers and management. Compliance and governance: help achieve compliance, identify compliance initiatives, and author and promote appropriate security policies. Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats. Lead the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions. Develop and implement security programs: manage and execute project deliverables; communicate to affected stakeholders including departments within the company; develop program procedures including guidelines and flow diagrams to be implemented on an ongoing basis; and develop tools or metrics that allow for the measurement of successful program implementation. Communication and outreach: maintain communication with peers throughout the organization and security contacts including Business Units and subsidiary locations; survey clients to determine appropriate communication methods; deliver solutions to help raise security awareness; and develop and disseminate information regarding security controls and newly identified risks. Assesses and measure security programs to ensure closed-loop operations. All other duties as assigned. U.S. National Base Pay Range: $104,900 - $174,700. Geographic differentials may apply in some locations to better reflect local market rates. This job is eligible for an annual incentive bonus. We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits. Click here to access benefits specific to your location. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1-855-833-5120. Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here. Please read our Candidate Privacy Policy. We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. USA Job Seekers: EEO Know Your Rights. LexisNexis Legal & Professional is a leading global provider of legal, regulatory and business information and analytics that help customers increase productivity, improve decision-making and outcomes, and advance the rule of law around the world. We help lawyers win cases, manage their work more efficiently, serve their clients better and grow their practices. We assist corporations in better understanding their markets and preventing bribery and corruption within their supply chains. We partner with leading global associations and customers to help collect evidence against war criminals and provide tools to combat human trafficking. We endeavour to advance the rule of law across the world.Our teams are combining unparalleled legal and business information with analytics and technology to advance whats possible for the way our customers work and to advance whats possible in the world by strengthening the rule of law.