This job has expired, please see additional jobs below
Senior Analyst
Experian
Allen, TX, United States
Description
The Information Security Governance and Control team is the principal advocate for information security and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the organization. The team oversees the development and implementation of a comprehensive security program, including Governance, Risk and Compliance (GRC). The Sr. GRC Analyst is primarily responsible for, but not limited to, performing information security risk assessments and control testing.
Key Responsibilities:
Contributes to the maintenance and update of the library of information security control standards and procedures based on Information Security policies and procedures and industry best practices.
Performs design and operating effectiveness testing on information security controls.
Identifies, documents, and reports control deficiencies and recommendations for improvement.
Documents control testing and associated findings in the Archer GRC tool (Archer).
Works with other functions (Legal, Compliance, etc.) to coordinate control requirements and control reporting.
Facilitates information security self-assessments with the business and technology teams.
Performs information security maturity assessments on Experian’s cybersecurity capabilities in alignment with NIST CSF.
Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments.
Qualified applicants for the position will meet the minimum requirements as stated below:
4+ years’ experience performing IT/Information Security control assessments.
Bachelor’s degree in computer science, management information systems or relevant field or equivalent demonstrable experience.
Strong knowledge of information security frameworks such as ISO 27001, NIST, PCI, and HIPAA.
CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor or comparable certifications preferred.
Process-driven, with an eye for detail.
Strong verbal and written communication skills, and the ability to articulate risks and findings to senior management.
Good collaboration and interpersonal skills, self-motivated, willingness to take on challenges and adaptability to change.
Experience with GRC tools, such as Archer, preferred.