Security Standards Compliance Specialist - 100% US REMOTE
Allen, TX, United States
Applications have closed
Experian
Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.
Company Description
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine.
Job Description
The primary responsibility of the Sec Standards Compliance team would be to establish and manage compliance with specific security standards (such as PCI, HIPAA, ISO 27002, SOC 2, etc.) as a well-rounded programme rather than as annual project activities. The team will be required to have a strong interface with technical and business experts, articulate audit needs and processes, and drive remediation. This is achieved by quickly understanding the business environment, critical products and processes, internal and external standards and regulations, and by building excellent relationships across Experian globally. This position is a part of the Global Security Office (GSO). The GSO sets the Information Security policy and standards and ensures that they are implemented across Experian.
The InfoSec Standards Compliance Specialist is responsible for, but not limited to, the following:
- Establish and manage specific standards’ compliance (such as PCI, HIPAA, ISO 27002, SOC 2, FISMA/FedRAMP, etc.) as a well-rounded program rather than as annual project activities. The elements of the program include many of the traits listed below.
- Facilitate the aforementioned attestations, audits and certification efforts for the businesses and technology. Partner with client support functions to coordinate and schedule timescales and teams.
- Contribute to the management of the overall program and own specified workstreams with full accountability for successful delivery.
- Work closely with other stakeholders to establish the program and workstream governance framework and ensure adherence to those standards thereafter.
- Establish, document, maintain and communicate project scope, milestone/detailed plans, risks and issues, and proactively use these as a basis for all discussions across the program to ensure full alignment.
- Proactively engage with key stakeholders and provide facilitation to allow full engagement and participation across the program.
- Provide meaningful status reports at program level and closely collaborate with workstream owners to deliver workstream level reporting.
- Manages relationships with key regulatory and industry assessment vendors.
- Works alongside the policy and standards team to incorporate changes into the enterprise policy document based on compliance assessment results.
- Develop metrics and reporting to demonstrate standards compliance status.
- Communicate the standards compliance posture and effectiveness to Management on a scheduled basis.
- Follow up on deficiencies identified in reviews and external audits to ensure appropriate remediation measures have been achieved promptly. Track mitigation steps and ensure that risks are managed appropriately and in a timely manner.
- Manages a complex group of projects as they relate to post-audit or ready assessment activities.
- Manages timelines, resources, project plans, action item logs, status reports and statistics to ensure milestones, goals and commitments are met.
- Actively contribute to a culture where the fair treatment of customers is at the heart of the Experian business. Take personal responsibility to ensure that you adhere to all regulatory requirements and apply appropriate controls in the interests of our customers.
Qualifications
- Bachelor’s degree in computer science or relevant field or equivalent demonstrable experience.
- Experience in the information security standards area.
- Requires subject matter expert knowledge of the specific security standards such as PCI, HIPAA, SOC, ISO 27001/2, FISMA/FedRAMP, GLBA, NIST, FCA, FCRA, CFPB, UK Data Protection Act, etc.
- Prior experience of managing these or similar compliance programs and managing engagement reviews (from scheduling to completion) is a must.
- Demonstrated success in leading, controlling, and completing IT projects.
- Prior audit experience in any of the above areas is a significant plus.
- Proven ability to combine business acumen, technical acumen and process expertise to define control requirements for SOC 1 & SOC 2, HIPAA, PCI, ISO 27002, FISMA, FedRAMP.
- Proven ability to influence and gain buy-in at multiple levels, across divisions, functions and cultures; comfort working with executive level management.
- Strong subject matter expertise in computer operations required (e.g. in-depth knowledge of Windows/Unix operating systems, authentication methods, firewalls, routers, web services, etc.).
- Effective negotiating and problem solving skills.
- Strong leadership skills.
- Excellent communication: verbal, written, documentation and presenting to board level.
- Highly organized with strong prioritization skills; creating and managing documents and information for yourself and others should be second nature.
- Process driven, with an eye for detail, automation and efficiency to improve programs/processes.
- Good collaboration, relationship and interpersonal skills.
- Solid understanding of key network and technical security controls.
- Experience working with or utilizing the RSA Archer eGRC application is a plus.
- Knowledge and qualification in formal Project Management methodologies is desirable, e.g. ISEB, PRINCE2.
- CISA, CISM, CISSP, PCI QSA or comparable certifications preferred but not required.
Additional Information
Our uniqueness is that we truly value yours.
Experian's culture, people and environments are key differentiators. We take our people agenda very seriously. We focus on what truly matters: diversity and inclusion, work/life balance, flexible working, development, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on.
We’re an award-winning organization due to our strong people focus.
Experian isn't just growing, we're leveraging cutting edge data science, design thinking and passion to build tomorrow's credit solutions. Innovation is a critical part of Experian's DNA and culture.
Our compensation reflects the cost of labor across several U.S. geographic markets. The base pay range for this position is listed above. Within this range, individual pay is determined by work location and additional factors such as job-related skills, experience and education. This position is also eligible for a variable pay opportunity and a comprehensive benefits package which includes health, life and disability insurance, generous paid time off including paid parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion are essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it reflects what we believe.
Tags: Audits Automation CISA CISM CISSP Compliance Computer Science FedRAMP Firewalls FISMA GLBA Governance HIPAA ISO 27001 ISO 27002 NIST PCI QSA RSA SOC SOC 1 SOC 2 UNIX Windows
Perks/benefits: 401(k) matching Career development Equity Flex hours Flex vacation Health care Insurance Parental leave Team events Wellness