RELX Group/LexisNexis
*Position Title:
*Location:
*Position Type:
*Compensation:
*Start Date:
Information Security Assurance Auditor
Alpharetta, GA (Atlanta Metro Area)
Full-Time
Salaried
10/19/2015
ISACA Atlanta is not responsible for the content or accuracy of this job posting.
*JOB DESCRIPTION
The role is responsible for performing information security audits at all RELX businesses globally. The role will play a key role in
helping to embed robust internal information security controls over technology in the review of RELX businesses. The role will
focus on working with the business to identify areas of improvement as a result of the audits and will also contemplate working
with new and emerging technologies such as cloud, mobile, etc.
The results of the information security audits will be discussed with internal counsel and IADP management and business
process improvements will be identified and discussed/agreed. The results will ultimately be reported to the Audit Committee.
This position will have frequent interaction with the RELX Audit & Risk Management (A&RM) team on audit coordination. The
team member will gain broad exposure to the information technology systems and electronic products of RELX’s diverse
businesses around the world.
The role will provide a broad exposure to diverse businesses and involves a degree of international travel with exposure to a
dynamic and culturally rich environment. Participate in the execution of information security test plans and reporting under the
supervision of the Information Security Assurance Manager. The Information Security Assurance Auditor shall execute on the
core IT security audit job duties with direct supervision from the Information Security Assurance Manager. These reviews will
identify Information security and business risks, in addition to identifying cost savings opportunities. Such reviews will typically
cover the following areas: firewall, security architecture and strategy, identity and access management; data leakage prevention;
encryption; data flows; information security design and governance; incident management; application audits; network reviews;
disaster recovery/business continuity planning; system development life cycle (SDLC) reviews; and general computer controls
reviews.
Act as an advisor to management on information security controls through direct interaction. Assist with identifying mitigating
controls and remediation strategies for management to implement. Assist with tracking the business unit’s implementation of
remediation items to ensure they are completed in a timely manner. Report to IADP on business unit’s progress of
implementation of remediation items.
Work with the Information Security Assurance Manager to identity and promote pragmatic information security best
practices across RELX Group. Duties also include working with IADP management on existing and proposed information
technology projects to integrate continuous auditing technologies such as audit hooks and integrated test facilities into these
applications. Identifying control gaps and process improvements and communicating such to the VP, IT Security & Regulatory
Controls Assurance.
Assist the Information Security Assurance Manager in the development of the annual Information Security Assessment Audit
Plan by reviewing and analyzing the IADP Risk Assessment, ISC Risk Assessment and coordinating with the A&RM enterprisewide Risk Assessment process to develop a Risk Universe. This role will also work closely with the IADP IT Security &
Regulatory Controls Assurance group to team on audits which may overlap or touch similar business areas to reduce/minimize
the impact to the business.
Perform the execution and reporting of Information Security reviews of RELX Group and its related affiliates with direct
supervision from the Information Security Assurance Manager.
Ad-hoc assignments (analysis, audit committee meeting preparation, etc.) as required.
*JOB REQUIREMENTS
Travel:
Education:
Experience:
Certification:
35% or less travel required
B.A. or B.S. Degree in MIS, Computer Science (or
equivalent), Finance or Accounting Required
2+ Years IT Security/system experience
Required: CISA or CISSP
Desired: SANS GIAC
COMPANY INFORMATION
RELX Inc. is a world leading provider of professional information solutions in the Science, Medical, Legal, Risk and Business
sectors. Reed Elsevier employees approximately 26,000 employees in over 285 locations worldwide. Our customers are using our
products every day to advance science, improve medical outcomes, enable better legal decisions, evaluate risk, forge business
ISACA Atlanta Job Posting Form – Template Version 1.2: 03/23/04
Page #1
relationships and gain business insight. We put the highest priority on recruiting, developing and retaining outstanding people.
Our managers are directly responsible for the development of their people. We recognize and reward achievement. We enjoy
what we do and we celebrate success. We empower our people to maximize their potential and contribution. We respect our
people and believe in open and honest communication. We behave in an ethical and principled manner. We are an employer of
choice, attracting and developing talented and creative people who thrive in a challenging and fastpaced environment. We offer
an excellent compensation and benefits package as well as a real opportunity for career growth in a growing organization.
CONTACT INFORMATION
Job Reference:
REE00568
*Contact Name:
Asim Fareeduddin
*Method:
asim.fareeduddin@relx.com
Website:
https://reedelsevier.taleo.net/careersection/15/moresearch.ftl?lang=en
SPECIAL INTRUCTIONS:
Please apply on the Website listed above by searching for the job number.
ISACA Atlanta Job Posting Form – Template Version 1.2: 03/23/04
Page #2