The Information Security Governance and Control team is the principal advocate for information security and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the organization.
The team oversees the development and implementation of a comprehensive security program, including Governance, Risk and Compliance (GRC).
The Senior Control Auditor is primarily responsible for, but not limited to, performing information security control testing.
Key Responsibilities :
Performs design and operating effectiveness testing on information security controls.
Identifies, documents, and reports control deficiencies and recommendations for improvement.
Documents control testing and associated findings into Archer GRC tool (Archer).
Contributes to maintenance and update of library of information security control standards and procedures based on Information Security policies and procedures and industry best practices.
Works with other functions (Legal, Compliance, etc.) to coordinate control requirements and control reporting.
Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and control deficiencies to various stakeholders.
Qualified applicants for the position will meet the minimum requirements as stated below :
4+ years’ experience performing IT Audit or Information Security control assessments.
Bachelor’s degree in computer science, management information systems or relevant field or equivalent demonstrable experience.
Strong knowledge of information security frameworks such as ISO 27001, NIST, PCI, and HIPAA.
CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor or comparable certifications preferred.
Process driven and has eye for detail.
Strong verbal and written communication skills, and the ability to articulate risks and findings to senior management.
Good collaboration and interpersonal skills, self-motivated, willingness to take on challenges and adaptability to change.
Experience with GRC tools, such as Archer preferred.
Proven previous job stability, including maintaining long-term work relationships with former employers
Must be able to clear the company’s pre-employment screening
Experian is an Equal Opportunity Employer. Anyone needing accommodation to complete the interview process should notify the Talent Acquisition Partner