Information Security Controls Automation Specialist

Experian Global Security Office are looking for an Information Security Controls Automation Specialist. You will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premises and in the cloud to ensure they are robustly designed and effectively implemented to safeguard Experians assets. You will automate the review of security controls by reducing manual effort and increasing assessment efficiency.

You will blend cybersecurity governance risk and compliance (GRC) and automation engineering to improve evidence collection and control validation crucial for supporting the security organizations control assurance program. You will collaborate with control owners engineers and the security control assurance team to identify automation opportunities implementing scripts or integrations for both on-prem and cloud environment tools and validating outputs against the security controls and defined test steps.

This is a Hybrid position with 2 days a week expected in the office in Nottingham or London reporting to the Information Security Risk and Controls Director.

Summary of Primary Responsibilities

• Analyze and automate existing manual test steps for assessing operating effectiveness of security controls in both cloud and on-prem environments
• Develop automated control mechanisms (e.g. scripts APIs compliance dashboards) integrating validation logic into CI/CD pipelines cloud environments and endpoint tools.
• Enable continuous control monitoring (CCM) by developing reusable logic and ensuring automated controls produce evidence fit to support control assessments.
• Develop dashboards visualizing compliance status and resolve platform integration errors.
• Analyze false positives and drive remediation of those indicators.
• Maintain a control automation backlog and document all automated control logic control mappings and system configurations.

Qualifications :

• Experience in automation development ideally specific to information security controls.
• Experience with information security control testing methodologies information security risk assessments auditing tools and an interest in emerging technologies..
• Security tooling (e.g. SIEM Identity and Access Management platforms DLP) cloud platforms (AWS GCP Azure) Infrastructure as Code (Terraform) and scripting languages (e.g. Python). Experience with workflow platform such as
• Knowledge of cloud architecture and cybersecurity domains and principles.
• Professional certification such as AWS Solutions Architect CCSP CISSP CRISC ISO 27001 Lead Auditor or equivalent.

Technical skills

• Knowledge of security controls provided by tools such as Sailpoint Rapid7 MS Defender.
• Hands-on experience with API integrations and scripting (e.g. Python PowerShell JavaScript).
• Experience with IT Service Management DevOps Identity and access management ERP systems (e.g. SAP Oracle) and GRC tools.
• Experience leveraging automation data driven testing techniques and generative AI to gain efficiency in control assurance.

Additional Information :

Benefits package includes:

• Great compensation package and discretionary bonus plan
• Core benefits include pension bupa healthcare sharesave scheme and more
• 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experians DNA and practices and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work irrespective of their gender ethnicity religion colour sexuality physical ability or age. If you have a disability or special need that requires accommodation please let us know at the earliest opportunity.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here

Remote Work :

No

Employment Type :

Full-time