LexisNexis Risk Solutions · 1 month ago
BISO-Business Information Security Officer
Pennsylvania
Full-time
Onsite
Senior Level
$154K/yr - $285K/yrElsevier Inc. is a renowned global information analytics company that focuses on providing scientific, technical, and medical research content, tools, and services. The BISO will be responsible for planning, organizing, and executing enterprise-wide information and security initiatives, focusing on Cloud Infrastructure, risk management, and cybersecurity defenses.
AnalyticsHealth CareInformation TechnologyInsurTechRisk ManagementSoftware
Responsibilities
Driving information, cyber, and infrastructure security governance across all business and technology units, ensuring alignment with enterprise cybersecurity programs, objectives, and regulatory requirements
Serving as the primary liaison between Business Units, Cloud Engineering, and the Cyber Security organization to embed security awareness and best practices into AWS cloud operations, CI/CD pipelines, and DevOps workflows
Leading cloud security oversight for AWS environments, including configuration management, identity and access controls, encryption, and compliance with organizational policies and industry standards (ISO 27001, NIST, SOC 2)
Managing and coordinating technical risk assessments — including vulnerability scanning, penetration testing, and application risk reviews — to ensure secure deployment across cloud and hybrid infrastructures
Overseeing the security posture of CI/CD pipelines (Jenkins, GitHub Actions, or similar), integrating automated scanning tools and secure code validation into build and deployment processes
Collaborating with DevOps and Infrastructure teams to define and implement secure-by-design practices for containerized workloads, Kubernetes clusters, and AWS-native services (EKS, EC2, S3, Lambda)
Defining and executing a risk-based information and infrastructure security strategy, including setting measurable goals, developing security training programs, and creating roadmaps for improving DevSecOps maturity
Developing and report cybersecurity metric scorecards to track compliance with enterprise standards, vulnerability remediation progress, and adoption of security controls across business and cloud environments
Providing expert guidance on security architecture decisions, evaluating new tools and technologies for impact on cloud environments, automation frameworks, and enterprise security strategy
Leading cross-functional security initiatives to ensure business innovation aligns with secure architecture principles, risk management standards, and ongoing governance frameworks
Qualification
Required
Possess a strong proficiency with AWS services (EC2, S3, IAM, Lambda, CloudTrail, CloudWatch, KMS, GuardDuty, Security Hub, WAF, etc.)
Have the ability to design secure, scalable cloud architectures with proper identity, access management, and network segmentation
Experience with AWS Config, AWS Control Tower, or Terraform for compliance automation and infrastructure as code (IaC)
Possess an understanding of Kubernetes (EKS), Docker, and container image scanning tools
Hands-on experience integrating security controls into Jenkins, GitHub Actions, or GitLab CI pipelines
Familiarity with code scanning tools (Snyk, SonarQube, Checkmarx, or Veracode) and dependency management
Scripting proficiency (Python, Bash, or PowerShell) to automate security testing and compliance checks
Experience implementing vault solutions (HashiCorp Vault, AWS Secrets Manager)
Ability to translate technical risks into business terms for senior stakeholders and non-technical leaders
Experience partnering with IT, Cloud, and Business Units to embed security in strategic initiatives
Leading security programs, tracking KPIs/metrics, and ensuring timely delivery of remediation plans
Designing and delivering cybersecurity awareness programs tailored to business functions
Benefits
Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits
Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
Health Savings, Health Care, Dependent Care and Commuter Spending Accounts
In addition to annual Paid Time Off, we offer up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice
Company
LexisNexis Risk Solutions
LexisNexis Risk Solutions provides information to assist customers in industry and government in assessing, predicting, and managing risk. It is a sub-organization of ChoicePoint.
Founded in 2000
10001+ employees
H1B Sponsorship
LexisNexis Risk Solutions has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (129)
2024 (132)
2023 (86)
2022 (98)
2021 (125)
2020 (53)
Funding
Current Stage
Late StageLeadership Team
Bill Madison
CEO - Insurance Solutions
Mark Kelsey
Chief Executive Officer, LexisNexis Risk Solutions
Recent News
BiometricUpdate.com
2025-12-27
2025-12-11
Company data provided by crunchbase