Sr Consultant, InfoSec Risk Management & Governance

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

Job Description
The PCI Sr. Consultant will be responsible for ensuring compliance with regulatory and industry mandates of PCI-DSS as they pertain to the information technology components of the company. The role will include performing day to day aspects including scoping, identifying critical controls, implementing controls, conducting the periodic review exercises, documenting the artifacts and the evidence, and partnering with auditors and IT and business owners to complete the assessments.

Job Description
Lead and facilitate compliance with PCI-DSS requirements
Ensure that all PCI-DSS controls are implemented, documented, and monitored through the course of the year
Establish processes to support the controls and ensure that control self-assessments are conducted promptly with required completeness and accuracy
Support the various teams to implement processes and controls to ensure the company's compliance with other regulatory and industry mandates
Participate in identifying and validating critical controls to address IT and business risks and work with various teams to address identified deficiencies
Participate in PCI certification audits
Facilitate assessment and audits by internal and external auditors and assessors
Ensure that appropriate documentation in the form of policies, standards, and procedures is created and managed to support the various security, compliance, and audit requirements
Provide guidance and support to IT and business to ensure continued compliance with the various mandates

What You'll Bring:

Skills and Experience: Experience with developing and implementing automation for controls and compliance is preferred Strong analytical and problem-solving skills with the ability to function as a change agent Strong skills with intermediate to advanced level expertise with Excel and PowerPoint Demonstrated experience in working in a high paced multi-tasking environment. Understanding of security metrics and creation of useful dashboards for management review and consumption 3+ years in a role related to Security Engineering, Application Security, Product Security, or Security Operations Bachelor’s degree or a combination of education and experience in Information Security, Information Technology, Management Information Systems, Computer Science, or a related discipline Prior software development or engineering experience Experience working within or alongside a CI/CD pipeline including code quality gating Experience and/or working knowledge with SOC2, PCI DSS, NIST Security Frameworks Possess one or more information security certifications from the following organizations: AWS, CompTIA, ISC2, EC-Council, SANS Experience with Cybersecurity and Security Architecture within cloud environments (Amazon AWS, Microsoft Azure or Google Cloud)

Impact You'll Make:

N/a

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Sr Consultant, InfoSec Risk Management & Governance