Information Security Director - Attack Surface Management (100% US REMOTE)
Allen, TX, United States
Applications have closed
Experian
Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.Company Description
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine.
Job Description
The Attack Surface Management Director sets the global strategy and direction for attack surface management, with the goal to ensure visibility of Experian’s attack surface and vulnerabilities. Engage with the CIO/CTO community to drive the remediation of vulnerabilities
Functions
Work with the Head of GPCS and peers to provide effective strategy for Attack Surface Management, including processes and solutions to continuously monitor and improve visibility of the attack surface in order to detect anomalies faster and reduce incidences of cyber-attacks
Engage with CTO’s and CIO’s to ensure strategy is understood agreed and implemented across all Experian Regions.
Provide leadership, direction, and strategy on all matters related to the detection, prioritization and reporting of vulnerabilities
Set strategy for vulnerability assessment and configuration assessment tools
Deliver multi-year roadmaps for the Attack Surface Management function
Defines vulnerability, configuration, and coverage KPIs/metrics to demonstrate coverage and remediation effectiveness
Escalate to Experian leadership if metrics aren’t aligned to policy requirements nor showing improvements over time.
Ensure that Vendors provide best possible service.
Responsibilities/Requirements
CTO and ‘C’ Level Engagement
Vendor Relationship Management
Strategy and Vision
Strategic Product selection and deployment
Policy enhancement and enforcement
Qualifications
Four-year college diploma or university degree in computer science or computer engineering, and/or 5 years equivalent work experience.
Certification as an information systems security professional (e.g., CISSP, CISM, CRISC, CISA)
3+ years of experience in information security vulnerability management role
Experience with large scale and complex environments
A broad and deep understanding of cybersecurity threats, vulnerabilities, controls, and remediation strategies
Applied knowledge and experience in cybersecurity, technology infrastructure, vulnerability management and security and controls
Excellent interpersonal skills and strong verbal and written communication
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood and actionable manner
Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
Proactive attitude, seeking for improvement opportunities which can positively impact the security posture and the business
Good project management skills and/or substantial exposure to project-based work structures.
Personal Attributes
Excellent oral and interpersonal communication skills.
Outstanding writing and documentation skills.
Able to communicate ideas in both technical and user-friendly language.
Highly self-motivated and directed, with keen attention to detail.
Able to prioritize and execute tasks in a high-pressure environment.
Experience working in a team-oriented, collaborative environment.
Willing to travel globally as required.
Additional Information
Our uniqueness is that we truly value yours.
Experian's culture, people and environments are key differentiators. We take our people agenda very seriously. We focus on what truly matters; diversity and inclusion, work/life balance, flexible working, development, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on
We’re an award-winning organization due to our strong people focus
Experian isn't just growing, we're leveraging cutting edge data science, design thinking and passion to build tomorrow's credit solutions. Innovation is a critical part of Experian's DNA and culture
Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range, individual pay is determined by work location and additional factors such as job-related skills, experience and education. This position is also eligible for a variable pay opportunity and a comprehensive benefits package which includes health, life and disability insurance, generous paid time off including paid parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and and it reflects what we believe. See our DEI work in action!
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: C CISA CISM CISSP Computer Science CRISC KPIs Strategy Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Equity Flex hours Flex vacation Health care Insurance Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs