Security Engineer I
Location: Alpharetta, Georgia, United States
Security Engineer I
TheSecurity Engineer Iwill, under general supervision, performs a wide variety of duties in support of technical or administrative assignments using established procedures. May assist in the preparation, presentation, and follow-up of proposals with supervision. May also participate in activities in support of multiple projects. Independently performs work as assigned by Management. Employee has limited autonomy for an assigned area or responsibility within a function.
Interacts daily with supervisor, peer groups, and customers. Interaction normally involves exchanges or presentation of factual information.
The candidate will be part of the Information Security team responsible for Security platform engineering, Operation and audit for LexisNexis Risk Solutions Inc.
Areas of focus will be a combination of day-to-day security operations andstrategic architecture of LexisNexis Risk Solutions data center and customer environment.
Experience (US only) and Education
Managing routine penetration testing services
Providing manual penetration testing and standards gap analysis services to internal business and technology partners
Understand Risk assessment and risk treatment plans
Analysis of the organizations threat landscape and ability to define holistic security solutions
Supporting, Improving and maintaining secure development standards and application security framework projects
Supporting Vendor Management activities to ensure 3rd party software and development meet security standards
Providing security requirements for test driven design to assess control effectiveness
Vulnerability and Penetration testing
support the planning, design and implementation of these security solutions
3rd line support - gain experience of in-depth technical support of network and security technologies.
Hands-on experience performing application static security and penetration assessment with tools such as AppScan, Fortify, BurpSuite, OWASP ZAP Proxy, WebInspect, Fortify, Veracode, Nessus etc.
Industry certification such as Security+, CEH, CSSLP desirable
Knowledge of OWASP Top 10/ SANS Top 25, identify vulnerabilities via manual and automated testing methods and how to effectively remediate vulnerabilities associated with each. Ability to recognize and escalate Security issues
Exposure to application security testing (source code review and web/mobile application penetration tests)
Good understanding of defensive, corrective and detective controls and requirements
Familiarity with different types of security vulnerabilities and tools for countermeasure
The candidate should be well versed in Information security principles at an Intermediate level
Previous Analytic and troubleshooting experience is required
The candidate must demonstrate an ability to work across department
At LexisNexis Risk Solutions, we believe in the power of data and advanced analytics for better risk management. With over 40 years of expertise, we are the trusted data analytics provider for organizations seeking actionable insights to manage risks and improve results while upholding the highest standards for security and privacy. Headquartered in metro Atlanta, LexisNexis Risk Solutions serves customers in more than 100 countries and is part of RELX Group plc, a world-leading provider of information and analytics for professional and business customers across industries. For more information, please visit LexisNexis Risk Solutions is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact or .