Senior Security Control Assessor
Heredia, Costa Rica
ExperianExperian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.
Experian is the world’s leading global information services company. During life’s big moments – from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers – we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.
We have 20,000 people operating across 44 countries and every day we’re investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.
Senior member of the Control Assurance team reporting to the Information Security Control Assurance Testing Manager.
May lead or support the independent comprehensive assessments of the management, operational, and technical security controls and employed within processes or IT systems to determine the overall effectiveness of the controls.
- Contribute to the planning of control tests, including risk identification, sampling, selection of controls, testing methods and reporting criteria.
- May lead control testing teams, to perform design and operating effectiveness testing of information security controls, including; fieldwork, testing and reporting activities.
- Provides peer review for control testing documentation produced during testing and act as Quality Assessor for tests they may lead, ensuring the accurate and timely completion of all the required control testing documentation.
- Will identify and document control deficiencies including root causes, risk descriptions, consistent issue ratings and recommendations for improvement.
- Is involved in creating and presenting reports of control testing findings to the testing stakeholders, including the socialization of any findings.
- Maybe the primary contact with business stakeholders for the controls tests they lead, and is responsible for the quality of control testing engagements and stakeholder communications including regular status updates.
- Contributes to the efficiency of the control testing program, by ensuring KPIs are measurable, that testing materials are standardized, and stakeholder feedback is captured to facilitate continual improvement.
- 3+ years’ experience performing IT Audit or Information Security control assessments.
- Bachelor’s degree in computer science, management information systems or relevant field or equivalent demonstrable experience.
- CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor or comparable certifications preferred.
- Knowledge of cybersecurity principles and organizational requirements relevant to confidentiality, integrity, availability, authentication and non-repudiation.
- Knowledge of governance, risk, and controls principles
- Good collaboration and interpersonal skills
- Skills in verbal and written communication
- Skill in preparing plans and related correspondence
- Skill in determining the protection needs of information systems, processes and networks
- Skill in conducting reviews of systems
- Skill in performing impact/risk assessment
- Skill in performing root cause analysis
- Skill in managing expectations and demonstrating commitment to delivering quality results
- Ability to apply critical reading/thinking skills
- Ability to answer questions in a clear and concise manner
- Ability to ask clarifying questions
- Ability to facilitate small group meetings
- Ability to collect, verify, validate and analyze test data
- Ability to translate data and test results into evaluative conclusions
- Ability to exercise judgement when controls are not well defined
Our benefits include Medical, life and dental insurance, Asociación Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
Experian Careers - Creating a better tomorrow together
We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine. With a focus on our employees, we have been certified for the third time as Great Place To Work (GPTW). Experian Consumer Information Services is redefining the way our clients do business within all aspects of the customer credit lifecycle. Fueled by best-in-class data and innovative technology we help businesses make smarter decisions, identify consumers, make decisions on loans, market to prospects and collect
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it ensures that we live what we believe.
* Salary range is an estimate based on our salary survey 💰
Tags: Audits CISA CISM CISSP Computer Science Governance ISO 27001 KPIs PCI QSA Risk assessment
Perks/benefits: Health care Medical leave Salary bonus
More jobs like this
Explore more InfoSec/Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open SOC Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open IT Security Analyst jobs
- Open Head of Information Security jobs
- Open Cyber Hunt SME jobs
- Open Security Consultant jobs
- Open Lead Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Security Operations Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Penetration Tester jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Director of Information Security jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open DevSecOps-related jobs
- Open IAM-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open CI/CD-related jobs
- Open Java-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Malware-related jobs
- Open OWASP-related jobs
- Open Terraform-related jobs
- Open IDS-related jobs