Senior Security Control Assessor

Heredia, Costa Rica


Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.

View company page

Company Description

Experian is the world’s leading global information services company. During life’s big moments – from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers – we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.

We have 20,000 people operating across 44 countries and every day we’re investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.

Job Description

Senior member of the Control Assurance team reporting to the Information Security Control Assurance Testing Manager.

May lead or support the independent comprehensive assessments of the management, operational, and technical security controls and employed within processes or IT systems to determine the overall effectiveness of the controls.


  • Contribute to the planning of control tests, including risk identification, sampling, selection of controls, testing methods and reporting criteria.
  • May lead control testing teams, to perform design and operating effectiveness testing of information security controls, including; fieldwork, testing and reporting activities.
  • Provides peer review for control testing documentation produced during testing and act as Quality Assessor for tests they may lead, ensuring the accurate and timely completion of all the required control testing documentation.
  • Will identify and document control deficiencies including root causes, risk descriptions, consistent issue ratings and recommendations for improvement.
  • Is involved in creating and presenting reports of control testing findings to the testing stakeholders, including the socialization of any findings.
  • Maybe the primary contact with business stakeholders for the controls tests they lead, and is responsible for the quality of control testing engagements and stakeholder communications including regular status updates.
  • Contributes to the efficiency of the control testing program, by ensuring KPIs are measurable, that testing materials are standardized, and stakeholder feedback is captured to facilitate continual improvement.


Experience/Knowledge/Skills/Abilities/ Qualifications

  • 3+ years’ experience performing IT Audit or Information Security control assessments.
  • Bachelor’s degree in computer science, management information systems or relevant field or equivalent demonstrable experience.
  • CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor or comparable certifications preferred.
  • Knowledge of cybersecurity principles and organizational requirements relevant to confidentiality, integrity, availability, authentication and non-repudiation.
  • Knowledge of governance, risk, and controls principles
  • Good collaboration and interpersonal skills
  • Skills in verbal and written communication
  • Skill in preparing plans and related correspondence
  • Skill in determining the protection needs of information systems, processes and networks
  • Skill in conducting reviews of systems
  • Skill in performing impact/risk assessment
  • Skill in performing root cause analysis
  • Skill in managing expectations and demonstrating commitment to delivering quality results
  • Ability to apply critical reading/thinking skills
  • Ability to answer questions in a clear and concise manner
  • Ability to ask clarifying questions
  • Ability to facilitate small group meetings
  • Ability to collect, verify, validate and analyze test data
  • Ability to translate data and test results into evaluative conclusions
  • Ability to exercise judgement when controls are not well defined

Additional Information

Our benefits include Medical, life and dental insurance, Asociación Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.

Experian Careers - Creating a better tomorrow together

We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine. With a focus on our employees, we have been certified for the third time as Great Place To Work (GPTW). Experian Consumer Information Services is redefining the way our clients do business within all aspects of the customer credit lifecycle. Fueled by best-in-class data and innovative technology we help businesses make smarter decisions, identify consumers, make decisions on loans, market to prospects and collect


Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it ensures that we live what we believe.

* Salary range is an estimate based on our salary survey 💰

Tags: Audits CISA CISM CISSP Computer Science Governance ISO 27001 KPIs PCI QSA Risk assessment

Perks/benefits: Health care Medical leave Salary bonus

Region: North America
Country: Costa Rica
Job stats:  5  1  0
  • Share this job via
  • or

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.