Information Security Analyst II

Information Security Analyst II page is loaded

Information Security Analyst IIApply locations Manila time type Full time posted on Posted Yesterday job requisition id R97740

Job Scope:

To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.

Key Responsibilities:

Security Assessment Management

• Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
• Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
• Demonstrate advanced knowledge in RELX security compliance policies and procedures.
• Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
• Develop and deliver training and awareness on security policies and standards to business units.
• Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
• Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
• Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
• Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
• Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
• Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
• Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
• Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
• Escalation of high impact security issues to Security Compliance Manager.

Ideal candidate profile:

Technical Skills:

• Bachelor's Degree holder.
• Background in IT, compliance, and/or information security.
• Ability to work across all levels of seniority within business teams to drive a working partnership.
• Strong analytical and critical thinking skills.
• Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
• Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
• Understanding of IT security testing and vulnerability management, and Threat Modeling.
• Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
• Understanding of Service Level Management.
• Desired understanding of OneTrust portal or Similar.
• With CompTIA Security+ or Similar or Higher.

Personal Skills:

• Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
• Good communication skills at all levels, both oral and written.
• Good interpersonal skills.
• Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
• Highly driven and self-motivated individuals.
• Skilled in project management and able to work independently in a fast-paced environment.

We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact

Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .

Please read our Candidate Privacy Policy .

We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.

USA Job Seekers:

EEO Know Your Rights .

RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.

Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.

Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

#J-18808-Ljbffr

---