Information Security Expert, Client Security Assurance

Reporting to the Regional Lead-Client Security Assurance.

With a client-focused attitude you will:

• Lead client audits (onsite/virtual) including presentation of evidence explanation of controls planning and execution of pre and post audit activities (coordinate needed remediation etc.).
• Support commercial teams to present Experians security controls and risk posture to clients through Requests for Information / Requests for Proposal and/or pre-sales consultancy.
• Review contractual security clauses & deliverables under contractual agreements to ensure Experian does not exceed risk tolerance or be put in a position where it fails in its ability to meet client requirements. Take the lead on articulating Experians security posture to justify any changes with clients.
• Analyze audit results and post audit reports and follow up on security items.
• Conduct gap analysis and articulate contractual risks to internal stakeholders to enable risk-informed contractual decisions.
• Maintain current and up-to-date evidence repository
• Provide accurate valid and appropriate responses in a timely manner to security questionnaires and ad-hoc inquiries sent by prospective and existing clients and business partners.
• Provide SME consultancy to Business Units on Experian information security governance and risk management framework in the context of the above.
• Maintain client-facing security documentation ensuring its continued relevance and accuracy.
• Collaborate with global team members across regions to ensure consistent experiences for clients around the world and act as a mentor to junior members in sharing knowledges and experiences.

Qualifications :

• At least 8 years of experience working in an enterprise IT environment with at least 5 of those years executing internal or external audits with exposure to supporting roles
• Project management skills
• Experience leading different cyber security audits of varying complexity
• Hands-on experience auditing cloud environments and tactically implementing cloud controls (AWS GC Azure etc.)
• Experience reviewing redlining and negotiating security terms in contracts (SOW STAC etc.)
• Experience with cloud-native tools such as AWS Security Hub Azure Security Center or other 3rd party tools to assess the security posture of cloud environment against industry benchmarks (such as NIST 800-53 CIS MITTRE ATT&CK CSA CSM ISO27002 etc.)
• Professional security certification such as CCSP/CCSK/CISSP/CISM/CISA/ISO27001LA or other equivalent or willingness to pursue other relevant accreditations (company supported)

Additional Information :

Benefits/Perks:

• Great compensation package and bonus plan.
• Core benefits including medical dental vision and matching 401K.
• Flexible work environment ability to work remote hybrid or in-office.
• Flexible time off including volunteer time off vacation sick and 12-paid holidays.
• Explore all our exciting benefits here: uniqueness is that we celebrate yours. Experians culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI work/life balance development authenticity collaboration wellness reward & recognition volunteering... the list goes on. Experians people first approach is award-winning; Worlds Best Workplaces 2024 (Fortune Top 25) Great Place To Work in 24 countries and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why.

  Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experians DNA and practices and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work irrespective of their gender ethnicity religion colour sexuality physical ability or age. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.

  
  

  Remote Work :

  Yes

  
  

  Employment Type :

  Full-time