Experian’s Global Security Office's vision is to protect, connect and create Experian’s business in a secure and resilient manner.
The Information Security Governance Team is the principal advocate for information security and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the organization.
The Security Compliance Lead will be primarily responsible for designing, leading, and communicating a program that will drive compliance with Experian’s Information Security Policies and Security Control Standards.
A core principle of this role will be to reduce risk to our organization by ensuring all employees, staff and contractors know and understand their responsibilities for managing compliance to information security policy.
Key Responsibilities :
Design roadmap and lead the execution of the Experian Information Security Policy Compliance Program.
Leads and communicates security policy and control compliance, and drives accountability with stakeholders.
Supports the alignment of the policies and standards to regulations, laws, industry standards, and controls.
In collaboration with control owners and subject matter experts, communicates implementation guidance associated with security policy and standards to the applicable roles in the organization.
Ensures policy compliance program is operating effectively. .
Collaborates with other subject matter experts to ensure communications to the business align with information risk management policy and standards.
Ensures policy changes are appropriately communicated to the respective stakeholders.
Communicates and reinforces the policy variance and policy exception review processes.
Assist Experian’s Information Security Governance & Policy Lead with updating information security policies and standards.
Subject matter expert on Experian policies and standards.
Qualified applicants will meet the minimum requirements as stated below :
5+ years’ experience in writing Information Security policies and standards; ensuring adherence and compliance.
Able to be a subject matter expert on information risk management policies and standards.
5+ years of technology experience in one or more of the following areas : Information Security, Technology Governance, Technology Audit, Information Technology Compliance, Technology Infrastructure or Application Development.
Bachelor’s degree is required, preferably in Computer Science, System / Computer Engineering, Cyber-Security or Information Security
Possess in-depth knowledge of Information Risk Management and IT processes
Knowledge of the financial services industry and its regulations / laws is desired.
Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business.
Understanding of best practices and industry trends in information risk management (e.g., NIST, OWASP, ISO, COBIT, PCI, CMMI, ITIL)
Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches.
Able to collaborate well with internal and external stakeholders.
Able to enforce and communicate related policies, procedures, and guidelines.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together.
We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work.
For us, this is and it ensures that we live what we believe.