Attack Surface Management Metrics Specialist

Heredia, Costa Rica

Applications have closed

Experian

Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO® score.

Company Description

About us, but we’ll be brief
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine.

Job Description

What you'll be doing
As an Attack Surface Management Metric Specialist, you will be responsible for application security tasks such as static, SCA and dynamic scanning, collaborating with software engineers, providing flaw mitigation recommendations, and implementing the strategy for integrating automated security controls into the development life cycle and CI/CD pipelines. You will ensure that the security requirements of the Software Security Policy and Technical Security Baseline are met for new agile deliveries and for Experian’s Legacy estate, with flaws and issues managed effectively throughout all stages of an application’s life.

Responsibilities:

  • Collaborate with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).
  • Work closely with development teams to understand their needs and the risk profile for each application and customize solutions to meet the needs of the application.
  • Collaborate on the implementation and management of SAST, SCA, DAST, and other scanning solutions to provide coverage for the application portfolio.
  • Guide development teams through a review of their applications and risks against common application flaws like OWASP Top 10 and others.
  • Provide visibility to senior management along with context and prioritization of the issues.
  • Operate as an advocate for Security in interactions with internal and external teams.
  • Work with Risk & Compliance teams on SOC 2, PCI-DSS, HIPAA, and other audits as needed.
  • Research and recommend policies and procedures as they relate to Application Security.
  • Lead projects to implement security technologies for the entire enterprise.
  • Integrate 3rd-party solutions and build custom solutions into our CI/CD pipelines and development cycles.
  • Define security guardrails through automated tool policies, SLAs, custom rules, and support the developer community.
  • Help the enterprise manage vulnerabilities across automated tooling and manual security assessments.
  • Work with Champions to build relationships and ensure key activities are supported and deliverables are achieved in a timely manner.
  • Support the education and awareness strategy and its rollout for the Development community.
  • Support the AppSec technical team and ensure relationships with the Business and team are maximised and effective.

Qualifications

What your background looks like

Requirements

  • Four-year college diploma or university degree in computer science or computer engineering, and/or 5 years equivalent work experience in application development.
  • 5+ years direct experience in enterprise-level applications security.
  • Experience with SAST, Software Composition Analysis (SCA), DAST, IAST, RASP tooling
  • Experience in AppSec or DevSecOps groups
  • Experience with CI/CD pipelines
  • Experience with cloud-based application architectures
  • Proven experience in overseeing the linking of cross-functional applications between disparate business units and systems.
  • Experience with business and technical requirements analysis, business process modeling/mapping, methodology development, and data mapping.
  • Strong understanding and background in MITRE, OWASP, SafeCode, risk management methodologies as they relate to integration/software testing.
  • Good project management skills and/or substantial exposure to project-based work structures, project lifecycle models, etc.
  • Strong understanding of end-user needs and requirements.
  • Excellent understanding of the organization’s goals and objectives.

Preferences

  • CSSLP
  • Certifications in Application Testing Mechanisms

Additional Information

Culture at Experian

Our uniqueness is that we truly value yours.

Experian's culture, people, and environments are key differentiators. We take our people's agenda very seriously. We focus on what truly matters; diversity and inclusion, work/life balance, flexible work, development, engagement, collaboration, wellness, rewards & recognitions, volunteering... the list goes on!

Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.

Experian Careers - Creating a better tomorrow together

Find out what it's like to work for Experian by clicking here

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it ensures that we live what we believe.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. We’re passionate about unlocking the power of data to transform lives and create opportunities for consumers, businesses, and society. For more than 125 years, we’ve helped people and economies flourish – and we’re not done.

We take our people’s agenda very seriously. We focus on what truly matters; diversity and inclusion, work/life balance, flexible working, development, collaboration, wellness, reward & recognition, volunteering, making an impact... the list goes on. See our DEI work in action!

The power of YOU. We are building a culture where everyone is comfortable bringing their whole self to work. A place where we not only respect our differences and values but celebrate them in a positive and supportive environment.

Find out what it is like to work for Experian and discover the Unexpected!

Tags: Agile Application security Audits CI/CD Cloud Compliance Computer Science DAST DevSecOps HIPAA IAST OWASP Risk management SAST SDLC Security assessment SLAs SOC SOC 2 Strategy Vulnerabilities

Perks/benefits: Flex hours Flex vacation Health care Medical leave Salary bonus Team events Wellness

Region: North America
Country: Costa Rica