Third Party Security Senior Assessor
Experian's Global Security Office's vision is to protect, connect and create its business in a secure and resilient manner. Information Security is responsible for protecting information by the design and implementation of solutions and ensuring appropriate oversight.
We are growing and looking to hire Third Party Security Specialists for our Global Security Office Third Party Security team (GSO -TPS).
The Global Security Office Third Party Security team (GSO -TPS) helps ensure that Experian vendors and third parties are protecting Experian data in accordance with Experian policies, contracts and best practices. This is achieved by quickly understanding the key assessment processes, entities connectivity methods, data usage and handling, internal and external standards and regulations.
The Third Party Security Senior Assessor is responsible for, but not limited to, the following:
Conducts information security reviews of business partners and third parties using Experian processes and standards using questionnaires and through virtual or onsite assessments.
Identify information security deficiencies or risks to appropriate parties. Provide escalation path for information security issues, incidents and enquiries.
Partner with business, legal and compliance departments to ensure program is in line with our corporate values, compliance programs, laws and regulations, and enables the business to achieve its objectives
Works with business partners, clients, customers, third parties and independent security assessors, to educate them about Experian's Third Party Security requirements and assist in the interpretation and implementation of the requirements.
Prepares statistical reports on compliance deficiency trends and violations
Research, develop, deploy and implement automation and efficiency tools to maximize output
Partner and work with GSO teams to ensure GSO programs are deployed successfully, where applicable
Qualified applicants for the Third Party Security Senior Assessor position will meet the minimum requirements as stated below:
Strong leadership skills.
Problem Solving & Analysis.
Process driven and has eye for detail.
Strong verbal and written communication skills.
Good collaboration and interpersonal skills, self-motivated, willingness to take on challenges and adaptability to change.
Knowledge of IT Risk and Security governance frameworks such as ISO 27001, PCI, and HIPAA.
Good understanding of key network and technical security controls.
Understanding of risks in banking/financial services sector will be an added advantage.
Desired Work Experience 4 to 6 years performing IT/Information Security Reviews.
CISA, CISM, CISSP, PCI QSA ISO 27001 Lead Auditor or comparable certifications preferred but not required.