Director, Security Partner - 100% US REMOTE
Allen, TX, United States
Applications have closed
Experian
Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.
Company Description
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine.
Job Description
Experian seeks a Security Partner Director to embody and enact the practical day-to-day requirements of the Experian Global Information Security Program by serving as an advisor to the business unit’s functional leaders. The ideal candidate will engage with the members of the business unit’s (BU) senior leadership team(s) to understand, discuss, and advise on the intersection of strategic priorities and key security risks. The role evangelizes security to the business unit, but more importantly, acts as the voice of the BU with Experian’s Global Security Office (EGSO).
The successful candidate is required to bring industry/technical knowledge, but also demonstrate business acumen, and possess strong leadership and communication skills with the ability to operate with little supervision, relying on influence rather than authority to get things done.
Key Responsibilities
Foster trusted executive relationships while dealing with members of the BU’s management team. Participate in the project planning process to ensure that appropriate levels of security oversight exist.
Assess, consult, and collaborate as needed to link security with business unit goals and initiatives.
Advocate for the BU by sharing its specific threats, requirements, and insights with the EGSO Leadership, other SPs, and members of the Information Technology (EITS) and security organization, to ensure a business unit-specific perspective exists. In addition, support resource discussions based on the specific needs, risks, and priorities of that BU.
Support BU-level strategic decision-making, product development, system implementations, and the change management associated with the adoption of new security processes and procedures.
Provide ongoing partnership (vs. one-time guidance) to build environments and deploy technologies in a secure manner and mitigate risks beforehand – truly positioning security as an enabler of business.
Conduct project security assessments (PSA) for new enterprise development and significant changes, and facilitate the continual submission, review, and decisions related to business unit-critical issues and exceptions to any security control.
Monitor information security trends internal and external to the business and keep business-facing leadership informed about information security-related incidents [Threat Informed Defense Approach].
Promote corporate cybersecurity awareness activities and support the implementation of security awareness concepts locally, as needed, to suit the business unit.
Create and review security metrics to measure security effectiveness at the business unit and corporate level.
Quantify and communicate risk to BU leadership in relation to BU-specific goals, initiatives, and changes (people, process, technology).
Translate how business unit-specific risks factor into firmwide risks at senior-level, e.g., Regional Management Committees (RMC), Security Review, and Security and Continuity Steering Committee (SCSC).
Oversee the maintenance of a risk register and support risk reporting at required intervals specific to the BU.
Support the monitoring and measuring of policies, processes, and controls that support compliance with industry and regionally specific mandates, laws, and regulations specific to the business unit, and how those roll up into broader mandates for the enterprise.
Work with other governance functions on educating BU leadership on prospective changes to relevant mandates, laws, and regulations. Uncover any gaps that may exist.
Determine any business unit-specific requirements that may exist due to geography, region, data, vertical, etc., and how those differ from or overlap with firmwide or departmental mandates.
Assist in the completion of internal and external security assessments for the business unit.
Qualifications
Job Requirements
Bachelor’s Degree in a relevant major or equivalent experience in security, risk, audit, compliance, and management.
5+ years of experience in a security field with strong demonstrable evidence of a technical background or security risk assessments / audit field.
Relationship management, team building, and facilitation.
Presentation, data analysis and problem-solving skills.
Interpretation and application of security policies, standards, and procedures.
Ability, drive and motivation to research and provide the right guidance and find possible solutions. Ability to push back where the risk outweighs the benefits.
Adaptive communication skills; can speak to audiences at varying corporate altitudes and business functions.
Persuasion; understands how to align incentives of various teams.
Curiosity to ask questions and challenge status quo.
Preferred certifications: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Cloud Security Professional (CCSP).
Behaviors
Ability to operate with little supervision and guidance.
Ability to collaborate and build consensus with stakeholders across multiple functions.
Ability to lead cross-functional teams to execute on security and business unit objectives.
Relies on influence, not authority, to get things done.
Advocates for the business unit and for security.
Process driven, with an eye for detail, automation, and efficiency to improve programs/processes.
Knowledge
Information technology-related frameworks, such as International Standards Organization (ISO) 27001 series, NIST series, Information Technology Infrastructure Library (ITIL), Control Objectives for Information and Related Technologies (COBIT).
Overall understanding of privacy-related regulations, such as General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), and regional breach notification laws.
Basic knowledge of vertical-specific frameworks and regulations is a plus, e.g., FedRAMP, FFIEC, HIPAA, and PCI.
Risk analysis, assessment, treatment, and management methodologies.
Agile methodology for application/software.
Additional Information
Our uniqueness is that we truly value yours.
Experian's culture, people and environments are key differentiators. We take our people agenda very seriously. We focus on what truly matters: diversity and inclusion, work/life balance, flexible working, development, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on.
We’re an award-winning organization due to our strong people focus.
Experian isn't just growing, we're leveraging cutting edge data science, design thinking and passion to build tomorrow's credit solutions. Innovation is a critical part of Experian's DNA and culture.
Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range, individual pay is determined by work location and additional factors such as job-related skills, experience and education. This position is also eligible for a variable pay opportunity and a comprehensive benefits package which includes health, life and disability insurance, generous paid time off including paid parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it reflects what we believe. See our DEI work in action!
Tags: Agile Automation CCPA CCSP CIPP CISA CISM CISSP Cloud COBIT Compliance CRISC FedRAMP FFIEC GDPR Governance HIPAA ITIL Monitoring NIST Privacy Risk analysis Risk assessment Security assessment
Perks/benefits: 401(k) matching Career development Equity Flex hours Flex vacation Health care Insurance Parental leave Team events Wellness