Security & Risk Management Program Manager**Hybrid in Horsham, PA

About Our Team

Lexis Nexis Legal & Professional, which serves customers in more than 150 countries with 11,800 employees worldwide, is part of RELX () , a global provider of information-based analytics and decision tools for professional and business customers. Our company has been a long-time leader in deploying AI and advanced technologies to the legal market to improve productivity and transform the overall business and practice of law, deploying ethical and powerful generative AI solutions with a flexible, multi-model approach that prioritizes using the best model from today's top model creators for each individual legal use case.

Conditions of Employment:

You must be a U.S. citizen to apply for this position.

You must successfully pass a background investigation and achieve Public Trust security clearance.

Must be located near the Horsham, PA location for a Hybrid onsite schedule

Requirements:

+ Strong program management experience leading complex, cross-functional initiatives.

+ Experience in information security, such as vulnerability management, risk management, GRC, or security operations.

+ Understanding of vulnerability management lifecycle processes, including asset discovery, scanning, validation, prioritization, remediation, exception handling, and reporting.

+ Proven ability to lead risk reduction or remediation initiatives across multiple technical teams.

+ Experience developing executive reporting, metrics, risk records, meeting outputs, and audit artifact and risk summaries.

+ Strong stakeholder management and communication skills across technical and business audiences.

+ Experience supporting audits, compliance reviews, evidence collection, or control validation activities.

+ Familiarity with vulnerability severity models, CVSS, exploitability, asset criticality, exposure, compensating controls, and risk-based prioritization.

+ Key Attributes of the Ideal Candidate Security-first mindset with strong business judgment

+ Ability to drive execution and accountability across distributed teams Comfortable operating with ambiguity and executive visibility

+ Focus on measurable outcomes and continuous improvement  

Accountabilities

+ Own and evolve the enterprise vulnerability management program, including governance, operating model, and stakeholder alignment

+ Define and execute an integrated roadmap for vulnerability management and security risk reduction initiatives

+ Establish accountability, SLAs, and execution standards across security, engineering, and infrastructure teams

+ Lead cross-functional risk reduction initiatives; manage timelines, dependencies, and escalation to ensure delivery

+ Drive prioritization based on risk exposure, business impact, and regulatory requirements

+ Align security, infrastructure, cloud, and application teams on remediation and risk reduction priorities

+ Lead risk acceptance and exception processes, including analysis, approvals, and lifecycle management

+ Maintain risk registers, treatment plans, and exception tracking aligned to business and compliance objectives

+ Ensure appropriate risk segmentation across commercial and government environments

+ Translate vulnerability and risk data into actionable insights for leadership decision-making

+ Deliver executive-level reporting on risk posture, remediation performance, and program progress

+ Define and track metrics to measure risk reduction effectiveness and execution performance

+ Ensure audit readiness through complete, traceable documentation and remediation evidence

+ Support regulatory and government requirements, including POA&M tracking and control validation

+ Partner with GRC and audit stakeholders to meet contractual and compliance obligations

​

Work in a way that works for you

We promote a healthy work/life balance across the organisation. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

+ Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive

Wor…