Security Analyst Risk Applications Infrastructure
Security Analyst Risk Applications Infrastructure
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Experian Employer Services Verifications and Housing (EVH) is seeking a motivated professional to join its product information security team as a Security Analyst focused on managing risks and vulnerabilities for both applications and infrastructure within a cloudfirst environment. The Security Analyst will play a critical role in safeguarding the integrity resilience and compliance of Experians IT systems ensuring alignment with regulatory and security frameworks.
This role will integrate security practices across product infrastructure and application layers assessing vulnerabilities and implementing best practices to mitigate risks. Additionally this position will support security audits and compliance efforts by evaluating systems against established control frameworks identifying deficiencies and driving remediation efforts.
You will collaborate closely with our partner teams as well as product applications and platform teams to implement security controls audit compliance and enhance security governance. The ideal candidate has experience in security controls IT audits risk management vulnerability management and cloud security with the ability to work collaboratively across multiple teams.
Key Responsibilities
- Risk Management & Governance:
- Identify assess and mitigate security risks related to IT applications and infrastructure.
- Develop and implement risk management frameworks to ensure continuous monitoring and improvement of security postures.
- Work with stakeholders to define and implement security policies and guidelines aligned with risk tolerance.
- Facilitate risk assessments and security reviews across business units and IT environments.
- Compliance & Audit Functions:
- Evaluate IT applications and infrastructure against security control frameworks (e.g. NIST ISO 27001 CIS SOC 2.
- Conduct internal security audits to assess compliance with corporate security policies and regulatory requirements.
- Identify gaps in security controls document findings and support remediation planning.
- Maintain documentation and evidence for security audits and regulatory assessments.
- Vulnerability Management:
- Collaborate with teams to analyze categorize and prioritize vulnerabilities based on severity potential impact and likelihood of exploitation.
- Track vulnerability remediation efforts and ensure timely patching and risk mitigation.
- Conduct regular security assessments of applications APIs cloud infrastructure.
- Security Operations & Monitoring:
- Monitor security tools and analyze logs for signs of suspicious activity vulnerabilities or policy violations.
- Assist with security incident response forensic analysis and remediation plans.
- Engage with internal and external stakeholders including Experians Cyber Fusion team to enhance security posture.
- Security Best Practices & Governance:
- Act as a Security Champion training and mentoring teams on security best practices secure coding and compliance.
- Assist in tracking and improving security control effectiveness across business units.
- Promote a culture of security awareness through training and engagement programs.
- Security Technology & Automation:
- Support the integration of security tools into CI/CD pipelines to enable automated security testing.
- Utilize security tooling (SAST/SCA/DAST/CSPM/DSPM) to evaluate and improve security posture.
- Enhance API security practices and application security testing methodologies.
- Collaboration & Reporting:
- Work crossfunctionally to drive security improvements.
- Generate reports for management on vulnerability status security incidents and audit findings.
- Ensure alignment of security initiatives with business objectives and risk tolerance.
Qualifications :
- Bachelors degree in Computer Science Information Technology Cybersecurity or related field (or equivalent experience).
- Industry certifications such as CISSP CISM CEH CCSP or CISA are a plus.
- Understanding of cloud platforms (AWS Azure) and cloud security best practices.
- Experience with vulnerability scanning and assessment tools for applications and infrastructure.
- Familiarity with security frameworks and compliance standards (NIST ISO 27001 SOC 2 CIS Benchmarks).
- Proficiency in security testing penetration testing and vulnerability analysis.
- Knowledge of security monitoring tools intrusion detection systems and SIEM solutions.
- Ability to assess security risks prioritize vulnerabilities and recommend remediations.
- Experience conducting security audits and control evaluations.
- Strong problemsolving skills and ability to work collaboratively in crossfunctional teams.
- Effective written and verbal communication skills for both technical and nontechnical audiences.
Additional Information :
This is a permanent remote homebased role in Costa Rica. No relocation available.
Our benefits include: Medical life and dental insurance Asociacion Solidarista International Share Save Plan Flex Work/Work from home Paid time off Annual Performance Bonus Education Reimbursement Family Bonding Bereavement Leave Referral Program and more.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is a critical part of Experians DNA and practices and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work irrespective of their gender ethnicity religion colour sexuality physical ability or age. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.
#LIML2 #LIRemote
Remote Work :
Yes
Employment Type :
Fulltime
Employment Type
Remote
