at TransUnion LLC in Chicago, Illinois, United States
Job Description
TransUnion's Job Applicant Privacy Notice
Personal Information We Collect
Your Privacy Choices
What We'll Bring:At TransUnion we have a welcoming and energetic environment that encourages collaboration and innovation - we're constantly exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius. Come be a part of our team - you'll work with great people, pioneering products and cutting-edge technology.
Come be a part of our team - you'll work with great people, pioneering products and cutting-edge technology.
Risk & Compliance (R&C) plays a key role in the Company's risk management governance, policies, and processes. R&C ensures risk is proactively identified, managed, mitigated, and governed in accordance with the enterprise risk management framework and in keeping with the Company's risk appetite. R&C is a core component of the second line in the Company's implementation of the three lines model of risk management.
The role will focus on Technology & Security Risk Management and Compliance for TransUnion and reside within the company's Risk Management Team, a Second Line of Defense function. This role requires a technical depth in technology risk and information security risks and controls. This role will lead a team responsible for performing check and challenge to the controls put in place by the first line Technology and Information Security business areas of the company. This role will partner with colleagues across all lines of defense, proactively identifying, assessing, and driving mitigation of technology and security risks that impact the Company's Operational Resilience. As a partner and trusted advisor to Technology and Information Security, you will participate directly with business unit leadership in establishing strategic direction and business plans and help align the initiatives undertaken by Risk and Compliance with the business's strategic operating plans to ensure appropriate assurance.
The Sr. Director will be a leader, providing compliance advice and support, ensuring oversight and assurance activities are being performed by their team to validate that relevant technology and information security risks are identified and appropriately managed, bringing awareness to risk and control issues, driving development of comprehensive solutions and improvements to controls to mitigate risk, providing complementary subject matter and risk management expertise throughout the risk lifecycle, and ensuring risk is managed in keeping with the Company's risk appetite.
What You'll Bring:
8+ years' experience in related roles such as risk management, compliance, audit, and information security, with specific focus on technology and information security.
Expertise in information security domains and risks in areas such as threat modeling, security architecture, identity and access management, secure system development lifecycle, application security, and vulnerability management.
Excellent communications skills, with the ability to effectively interface with senior management, regulators, and external entities.
People management skills, strong leadership, influencing, and relationship-building skills.
Excellent analytical and problem-solving abilities, with a keen attention to detail and a results-oriented mindset.
Strong project management skills and are comfortable with organizing and managing multiple priorities and deadlines concurrently.
Relevant certifications such as CISSP, CGRC, CCSP, CISA, CISM, CCEP & CRISC.
Experience working in financial services or other regulated industry.
Bachelor's degree in a relevant discipline.
Impact You'll Make:
This role will have opportunities to work with senior leaders and teams across multiple areas of the Company such as technology, information security, R&C, legal, privacy, internal audit, procurement, and the business units, across multiple solutions and products around the world.
You will establish the strategic and tactical focus for the second line IT assurance team, ensuring alignment with the overall enterprise risk management framework and compliance priorities.
You will take a lead role in the oversight of technology and information security risk management activities to ensure policies, processes, and practices meet requirements and are consistent with industry standards and best practices. You will maintain appropriate reporting and ensure escalation of any gaps or opportunities for... For full info follow application link.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.
