We're unlocking the power of data to help create a better tomorrow.

Information Security Expert, Client Security Assurance

Security EngineerSecurity EngineerFull TimeRemoteTeam 10,001+Since 1996H1B SponsorCompany Site LinkedIn

Location

United States

Posted

65 days ago

Salary

$115.7K - $208.3K / year

Professional Certificate8 yrs expEnglishAWSAzureCloudCyber Security

Job Description

• Lead client audits (onsite/virtual) including presentation of evidence, explanation of controls, planning and execution of pre and post audit activities (coordinate needed remediation, etc.). • Support commercial teams to present Experian's security controls and risk posture to clients through Requests for Information / Requests for Proposal and/or pre-sales consultancy. • Review contractual security clauses & deliverables under contractual agreements to ensure Experian does not exceed risk tolerance or be put in a position where it fails in its ability to meet client requirements. • Take the lead on articulating Experian's security posture to justify any changes with clients. • Analyze audit results and post audit reports and follow up on security items. • Conduct gap analysis and articulate contractual risks to internal stakeholders to enable risk-informed contractual decisions. • Maintain current and up-to-date evidence repository • Provide accurate, valid, and appropriate responses in a timely manner to security questionnaires and ad-hoc inquiries sent by prospective and existing clients and business partners. • Provide SME consultancy to Business Units on Experian information security governance and risk management framework in the context of the above. • Maintain client-facing security documentation ensuring its continued relevance and accuracy. • Collaborate with global team members across regions to ensure consistent experiences for clients around the world, and act as a mentor to junior members in sharing knowledges and experiences.

Job Requirements

In-depth experience reviewing and negotiating contractual terms presented by clients / third parties and understanding the associated risks, communicate the risks to stakeholders and making recommendations
At least 8 years of experience working in an enterprise IT environment with at least 5 of those years executing internal or external audits, with exposure to supporting roles
Project management skills
Experience leading different cyber security audits of varying complexity
Hands-on experience auditing cloud environments and tactically implementing cloud controls (AWS, GC, Azure, etc.)
Experience with cloud-native tools such as AWS Security Hub, Azure Security Center, or other 3rd party tools to assess the security posture of cloud environment against industry benchmarks (such as NIST 800-53, CIS, MITTRE ATT&CK, CSA CSM, ISO27002, etc.)
Professional security certification such as CCSP/CCSK/CISSP/CISM/CISA/ISO27001LA or other equivalent, or willingness to pursue other relevant accreditations (company supported)

Benefits

Great compensation package and bonus plan.
Core benefits including medical, dental, vision, and matching 401K.
Flexible work environment, ability to work remote, hybrid or in-office.
Flexible time off including volunteer time off, vacation, sick and 12-paid holidays.