Cybersecurity Risk Management Senior Consultant - Remote
What We'll Bring:At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation we’re – consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.
Come be a part of our team – you’ll work with great people, pioneering products and cutting-edge technology.
This is a remote position which may require occasional in-person attendance at work-related events at the discretion of management.
What You'll Bring:
TransUnion is looking for a Senior Risk Assessor to join the Global Product Risk team. This individual will work alongside product team members and executives to identify risks on company owned publicly facing technologies and prioritize remediation efforts. This individual will ensure the product team members are prioritizing and maturing their security efforts so TransUnion can continue to protect our most valuable assets. The main objective for this role is to help in risk identification, risk rate, and provide prioritization and remediation recommendations. This individual will frequently cross-collaborate with various areas of the business and other team members within the team including Investigations, Policy and Strategy.
3 or more years of experience in Cybersecurity, IT Audit, Governance, Risk, and Compliance (GRC), or Privacy
Bachelor’s degree in Management Information Systems, Information Security, Computer Science, or related fields
Have knowledge of industry standards and regulations (CIS, NIST 800-63, NIST CSF, ISO 27001, PCI DSS, ITIL, SOC I & II, etc.)
Knowledge and experience with digital identification, verification, and authentication
Knowledge and experience in risk management
Strong degree of comfort working alongside, engaging and communicating with senior software and business-side stakeholders
Strong written skills
We’re also looking for the preferred skills below. Whether you are proficient or could use some brushing up, we’re happy to support your development in:
Experience with eGRC tools
Experience with cyber security policy writing or development is preferred
CISSP, CEH, CIPP, CISM, CFE, GSEC, GCFA, or related certifications are preferred
Impact You'll Make:
Under the general direction of the Global Risk Assessment Manager, this individual is responsible independently leading and performing the assessment of technologies, identification of risks, and prioritization of control gap mitigations for company owned publicly facing technologies
Work closely with the product teams to detect potential security weaknesses and brainstorm creative ways to tackle challenges unique to TransUnion’s business and system architecture
Articulate security risks to a variety of internal stakeholders, including both technical and executive stakeholders
Provide defensible recommendations on technical, physical and administrative control implementations based on assessment findings aligned to CIS and/or NIST
Compile and report on security risk and operational metrics
Recommend process improvement and strategic initiatives as it relates to product risk assessments
Develop strong, collaborative, cross functional relationships with key stakeholders to enhance the relationship between Global Product Risk and product teams to understand technology risks, assist with remediation prioritization, and improve customer experience
TransUnion Job TitleSr Consultant, Cybersecurity