Information Security Consultant - Lead #LI-RJ1 The Global Security Office Information Security Consultant Lead provides consulting and strategic assurance services to the business. This position requires a strong ability to interface with technical and business experts and articulate the risk in business terms. The position requires the individual to quickly understand the business environment, critical products and processes, internal and external standards and regulations, and to build excellent relationships across Experian globally. This position is a part of the Experian Global Security Office (EGSO). The GSO sets the Information Security policy and standards, and ensures these are implemented across Experian.
The Information Security Consultant Lead is responsible for, but not limited to, the following:
Managing a small team who lead on providing InfoSec consultancy for global, strategic projects, ensuring oversight, timely reporting and escalation as required
Perform security assessments for strategic new projects - this includes but not limited to new application development projects, data center builds and any other new technology or infrastructure builds/enhancements.
Work with program specialist and other functions (e.g. PMO) to develop and deploy process to ensure projects are assessed from the beginning and requirements are delivered.
Working with senior stakeholders, SMEs and project management to ensure security requirements are understood and implemented as part of the project lifecycle. The responsibilities also include staying with the project through the cycle (from inception to product implementation) and validating the implementation, as needed.
Partner with businesses and technology to research and provide security guidance for strategic projects involving new technologies or concepts (e.g. moving a core application to cloud, or developing mobile application, new authentication technology, encryption techniques or technologies, etc.). The position requires on-going partnership (vs. one time guidance) to build environments and deploy technologies in a secure manner and mitigating risks beforehand - truly positioning security as an enabler of business
Work with businesses and technology teams to capture non-compliance, ensuring justification, and mitigating controls are appropriately captured.
Develop KPI and prepare reporting metrics for the InfoSec consulting function and progress on enhancements initiatives.
Qualified applicants for the Information Security Consultant position will meet the minimum requirements as stated below: #LI-RJ1
Bachelor's degree in computer science or relevant field or equivalent demonstrable experience
7+ years of experience in security field specially around security assessments or audit field
Must have a strong technical background
Must have demonstrable experience and strong understanding of the following: advanced authentication technologies, Cloud security, mobile app development and security, network and end point security technologies, encryption and encryption key management, database and application monitoring, networking, system hardening
Ability, drive and motivation to research and provide the right guidance and find possible solutions. Ability to push back where the risk outweighs the benefits
Curiosity to ask questions and challenge status quo
Strong leadership skills.
Excellent verbal and written communication skills.
Problem Solving & Analysis.
Process driven, and has eye for detail, automation and efficiency to improve programs/processes.
Good collaboration, relationship and interpersonal skills.
CISA, CISM, CISSP, PCI QSA or comparable certifications preferred but not required.
Be unique. Be authentic. However you prefer to say it, we really mean it. Our culture
embraces people’s diverse perspectives and creates a positive environment where everyone
belongs. We’re determined to build a better, more connected world for everyone.