Senior Information Security Specialist (Client Security Assurance)

Company Description

Experian is the world's leading global information services company. During life's big moments – from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers – we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and excel, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.

As the world's leading repository of consumer credit data, Experian is transforming data into solutions that facilitate transactions, ensure financial safety and improve the financial lives of millions of consumers around the world. We have been named by Forbes magazine as one of the "World's Most Innovative Companies" and ranked on Fortune's Best Companies to work for.

Job Description

The Client Security Assurance team is the function within Experian's Global Security Office (EGSO) which provides B2B clients assurance that Experian's control environment is the secure choice for them. CSA provides pre- and post-sales security support through RFP's / RFI's and contract negotiations, and supporting the ongoing maintenance of relationships through responses to questionnaires, client-led audits of the security controls, and respond to ad-hoc security inquiries related to new threats.

Reporting to the Regional Lead-Client Security Assurance, The Senior Information Security Specialist works with partners to fulfil client's security requirements such as facilitating third-party assessments and audits, supporting commercial teams with security components of RFPs/RFIs, reviewing security clauses and deliverables in contracts and agreements, and supporting legal and compliance on regulatory security requirements by bringing subject matter expertise to the context of client environments. You will articulate Experian's security posture to aid in the sales and audit process. This is achieved by quickly understanding the business environment, products and processes, internal and external standards and applicable regulations, in addition to building excellent relationships across Experian globally.

Main Responsibilities

With a client-focused attitude:

• Manage client audits (on-site or virtual) including presentation of evidence, explanation of controls, planning and coordination of pre and post audit activities.
• Support commercial teams to present Experian's security controls and risk posture to clients through Requests for Information / Requests for Proposal and pre-sales consultancy.
• Review contractual security clauses and deliverables under agreements to ensure Experian does not exceed risk tolerance or be put in a position where it fails in its ability to meet client requirements.
• Lead Experian's security posture to justify any changes with clients.
• Articulate contractual risks to the team to allow risk-informed contractual decisions
• You will provide accurate, valid, and appropriate responses promptly to security questionnaires and ad-hoc inquiries sent by prospective and existing clients and business partners
• Provide SME consultancy to Business Units on Experian information security governance and risk management framework in the context of the above
• You will maintain client-facing security documentation ensuring its continued relevance and accuracy
• Collaborate with global team members to ensure experiences for clients around the world, and act as a mentor to junior members in sharing knowledges and experiences

Qualifications

Requirements

• Understanding of network and technical security controls Investigative for addressing findings
• Understanding of security concepts as they apply to different environments (on prem., cloud.)
• Documentation skills
• Tailor communication of technically complex issues to multiple audiences
• Project management and client management skills to handle multiple tasks and control expectations of client-imposed deadlines (and internal clients)
• Take ownership of partners concerns and follow to resolution
• Process-driven, automation, and efficiency to improve programs and processes
• Experienced with use of collaboration tools such SharePoint, Confluence, ServiceNow and Salesforce

Required Qualification/Experience

• Project management skills and lead varying audits (and projects) of different complexity
• At least 5 years of experience working in an enterprise IT environment with at least 3 of those years working in information security solutions or services, with exposure to supporting roles
• Preferable: 3+ years of experience in client-facing aspect –as an auditor or auditee, consulting, account management, responding to Security/Operational/Process questionnaires, bids, RFP, proposals.
• Legal background is also beneficial.
• Fluent in English
• Experience supporting the sales process from an information security or IT operations perspective
• Experience reviewing and negotiating contractual terms presented by clients / third parties and understanding how the enterprise can support those requests.
• Professional security certification such as CISSP/CISM/CISA/ISO27001LA or other equivalent, or willingness to pursue other relevant accreditations (company supported)

Additional Information

This is a permanent home-based role in Costa Rica. No relocation available.

Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

#LI-Remote