at TransUnion LLC in Chicago, Illinois, United States
Job Description
TransUnion's Job Applicant Privacy Notice
Personal Information We Collect
Your Privacy Choices
What We'll Bring:At TransUnion we have a welcoming and energetic environment that encourages collaboration and innovation - we're constantly exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius. Come be a part of our team - you'll work with great people, pioneering products and cutting-edge technology.
Come be a part of our team - you'll work with great people, pioneering products and cutting-edge technology.
Risk & Compliance (R&C) plays a key role in the Company's risk management governance, policies, and processes. R&C ensures risk is proactively identified, managed, mitigated, and governed in accordance with the enterprise risk management framework and in keeping with the Company's risk appetite. R&C is a core component of the second line in the Company's implementation of the three lines model of risk management.
This role will be an individual contributor, leveraging IT/Security expertise to provide advice and consultation to technology and information security teams on risk matters and control effectiveness. The role will be performing oversight and assurance activities to validate that relevant technology and information security risks are identified and appropriately managed, bring awareness to risk and control issues, drive development of comprehensive solutions and improvements to controls to mitigate risk, provide complementary subject matter and risk management expertise throughout the risk lifecycle, and ensure risk is managed in keeping with the Company's risk appetite. This role will provide some regulatory compliance support to the Technology and Information Security business areas as deemed appropriate by the Sr. Director of Technology & Security Risk Management and Compliance.
The Advisor, Technology & Security Risk Management will have opportunities to work with senior leaders and teams across multiple areas of the Company such as technology, information security, R&C, legal, privacy, internal audit, procurement, and the business units, across multiple solutions and products around the world.
What You'll Bring:
4+ years experience in related roles such as risk management, compliance, audit, and information security, with specific focus on technology and information security.
Expertise in information security domains and risks in areas such as threat modeling, security architecture, identity and access management, security development lifecycle, application security, and vulnerability management.
Excellent communications skills, with the ability to effectively interface with senior management, regulators, and external entities.
Leadership, influencing, and relationship-building skills.
Excellent analytical and problem-solving abilities, with a keen attention to detail and a results-oriented mindset.
Some project management skills and are comfortable with organizing and managing multiple priorities and deadlines concurrently.
Relevant certifications such as CISSP, CGRC, CCSP, CISA, CISM, and CRISC.
Experience working in financial services or other regulated industry.
Bachelor's degree in a relevant discipline.
Impact You'll Make:
You will analyze technology and information security incidents, audit findings, and reported issues. Help determine root causes, themes and trends. Help develop comprehensive remediation approaches and plans. Monitor remediation plans to help ensure successful completion. Perform validation of completed remediation plans.
You will analyze technology and information security systems, processes, and controls to help ensure relevant risks are identified, appropriately assessed, and documented. Review appropriateness and adequacy of controls. Identify weaknesses and opportunities for improvement. Collaborate with management and risk owners to identify and develop comprehensive solutions to address weaknesses and implement improvements.
You will analyze technology and information security risk registers for proper assessment of identified risks, including analysis, rating, and prioritization, and proper assignment of ownership. Analyze mitigation plans for comprehensiveness, appropriateness, and timeliness to address associated risks.
You will participate in technology and information security risk forums to help identify new and emerging risks, and provide complementary expertise to foster robust dialog and information... For full info follow application link.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.
