logo
title-image
Turrior - Let work find you
Recruiters get AI-ranked shortlists and automated outreach, filling roles up to 5× faster.
0%
Popularity
0d
Avg. Time to Hire
0h
Recruiter Res. Time
0%
HR Satisfaction
Careers at BehavioSec
All open opportunities, right here. Explore, apply, grow.
Apply now

Software Engineer III

21 Oct 2025
Verified by Turrior

Content + Source + Freshness • 17 Dec 2025 • 95% confidence

87 / 100

Offer value

A strong offering due to the demand for security expertise, competitive compensation, and opportunities for impactful project work.

  • Emphasis on cloud security and DevSecOps practices.
  • Competitive remuneration with career development pathways.
  • Engagement with a collaborative, innovative team.
Pros
  • High demand for security skills in cloud environments.
  • Opportunity to work with cutting-edge technologies.
  • Strong potential for career advancement within the security domain.
Cons
  • High level of expertise required may limit applicant pool.
  • Possibility of maintaining high-stakes responsibilities.
  • Potentially heavy workload in security incident response.

Who it's for

Senior / Specialist • Remote

Good fit
  • Experienced cloud security professionals.
  • Individuals passionate about application security.
  • Candidates looking to impact security frameworks.
Not recommended for
  • Entry-level candidates without relevant experience.
  • Professionals preferring roles with less technical focus.
  • Individuals seeking guaranteed work-life balance.

Motivation fit

Desire to contribute to organizational security.Interest in applying cutting-edge security practices.Willingness to stay ahead of security threats.

Key skills

Application security and DevSecOpsCloud security expertiseThreat modeling and vulnerability remediationIncident response and security monitoring
Score: 87/100 AI verified analysis

About the job

About the Business

LexisNexis Risk Solutions is the essential partner in the assessment of risk. Within our insurance vertical, we provide customers with solutions and decision tools that combine public and industry-specific content with advanced technology and analytics to assist them in evaluating and predicting risk and enhancing operational efficiency. Our insurance risk solutions help drive better data-driven decisions across the insurance policy lifecycle – all while reducing risk. You can learn more about LexisNexis Risk at the link below. https://risk.lexisnexis.com/insurance

About our Team

You will be working with our development teams on securing Java Spring Boot microservice applications deployed to our AWS and Azure cloud platforms. Our team follows DevSecOps principles, integrating security throughout the software development lifecycle. We value collaboration, continuous learning, and building security capabilities that enable developers rather than block them.

You’ll work as part of a cross-functional organization including:

  • Development teams (backend Java microservices, frontend typescript, data engineering python)

  • SRE/Platform engineers managing AWS and Azure infrastructure

  • Product managers and business analysts defining requirements

  • Security peers across the broader LexisNexis Risk organization

  • External partners: InfoSec, compliance teams, and third-party security vendors

About the Role

As a Security Engineer, you will be the security champion for our cloud-native microservices platform. You will develop and maintain security controls, harden CI/CD pipelines, and work closely with development teams to build secure, resilient applications. The ideal candidate has deep understanding of system internals and common attack vectors, demonstrating practical knowledge of DevSecOps practices and cloud security on Azure and/or AWS platforms. You will be familiar with the Secure Software Development Life Cycle and have experience implementing security controls in modern microservices architectures.

Key Responsibilities

  • Secure and maintain microservice applications and CI/CD pipelines

  • Implement DevSecOps strategy in existing and new projects.

  • Develop security controls to harden CI/CD pipelines and continuously improve application security posture.

  • Conduct threat modeling and security design reviews for new projects

  • Work with development teams to remediate vulnerabilities in applications

  • Monitor security events using SIEM tools (Grafana, Loki, Azure Sentinel)

  • Investigate and respond to security incidents and alerts

  • Conduct root cause analysis and implement preventive measures

  • Maintain incident response playbooks, procedures and security documentation

  • Establish secure coding standards and provide developer training

  • Integrate security gates into release pipelines (Dev → Non-Prod → Prod)

Requirements

  • Deep understanding of OWASP Top 10 and common vulnerability classes (injection, XSS, CSRF, etc.)

  • Working knowledge of security frameworks: NIST Cybersecurity Framework, CIS Benchmarks, MITRE ATT&CK

  • Strong grasp of the Secure Software Development Lifecycle (SSDLC) and security integration points

  • Understanding of common exploitation techniques and mitigation strategies

  • Experience with cloud IAM, network security groups, VPNs, and security policies

  • Knowledge of encryption standards, key management, and secrets handling (Azure Key Vault, AWS Secrets Manager, HashiCorp Vault, Akeyless)

  • Understanding of container security best practices (Docker, Kubernetes)

  • Familiarity with infrastructure as code security (Terraform, ARM templates)

  • Ability to read and review Java code for security vulnerabilities

  • Understanding of API security best practices (authentication, authorization, rate limiting, input validation)

  • Knowledge of authentication/authorization mechanisms (OAuth 2.0, SAML, JWT, OpenID Connect)

  • Experience with microservices security patterns (service mesh, mutual TLS, zero trust)

  • Familiarity with Spring Boot framework security features (Spring Security, etc.)

  • Strong proficiency with CI/CD security: GitHub, GitHub Actions

  • Experience integrating security tools into build pipelines (SAST, DAST, dependency scanning)

  • Proficiency with Git for version control and secure development workflows

  • Hands-on experience with security testing tools:

  • Required: Web app security testing (Burp Suite, OWASP ZAP, or equivalent)

  • Preferred: Network analysis (Wireshark, tcpdump), port scanning (Nmap), vulnerability scanning

  • Understanding of dependency scanning and software composition analysis (Dependabot, Snyk, etc.)

  • Experience with logging and SIEM platforms for security monitoring (we use Grafana, Loki, Azure Sentinel)

  • Ability to create security dashboards and alerts

  • Familiarity with log analysis and threat hunting techniques

  • Proficiency in at least one scripting language: Python, Bash, or PowerShell

  • Experience automating security testing, compliance checks, or vulnerability management

  • Strong communication skills, ability to explain security vulnerabilities and risks to both technical and non-technical audiences

  • Thrive in a distributed/remote team environment with minimal supervision

  • Stay current with emerging threats, vulnerabilities, and security best practices

Preferred Qualifications

  • Security certifications (CISSP, CEH, OSCP, Azure Security Engineer Associate)

  • Experience in insurance, financial services, or regulated industries

  • Knowledge of data privacy regulations and PII/PHI handling

  • Experience with Power BI security and row-level security (RLS)

  • Background in penetration testing or red team operations

  • Contributions to open-source security projects

Experience and Education

  • 4+ years in Application Security, DevSecOps, or Software Engineering with demonstrated security focus

  • 3+ years securing cloud environments (Azure preferred, AWS acceptable, multi-cloud experience a plus)

  • B.Sc. in Computer Science, Engineering, Cybersecurity, or equivalent practical experience with demonstrable security expertise (certifications, portfolio, contributions)

Apply today, or to learn more about opportunities with LexisNexis Risk Solutions or RELX Global, join us here:


https://risk.lexisnexis.com/group/careers

www.relx.com/careers/join-us

We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1-855-833-5120.

Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here.

Please read our Candidate Privacy Policy.

We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.

USA Job Seekers:

EEO Know Your Rights.

Similar Jobs

5 months ago
Apply now
Software Engineer III
BehavioSec
5 months ago
Apply now
Software Engineer III
BehavioSec
5 months ago
Apply now
Software Engineer III
BehavioSec
5 months ago
Apply now
Software Engineer III
BehavioSec
5 months ago
Apply now
Software Engineer III
BehavioSec

End-to-end AI hiring for modern HR teams

Turrior uses artificial intelligence to create job listings, automate candidate screening, conduct video interviews, and apply comprehensive AI scoring — helping companies hire faster, more accurately, and with lower operational costs.

Key benefits:

  • AI-powered job creation and structured job data
  • Intelligent candidate screening and automated shortlisting
  • Video interviews with AI-based answer analysis
  • Comprehensive AI scoring of skills, experience, and role fit
  • Recruitment process automation and reduced time-to-hire
Free trialSee how it works

Share job