Accreditation Specialist Lead

Summary

Join Experian's Global Security Office (GSO) as the Accreditation Specialist Lead and ensure Information Security policies and standards are implemented across the company. Lead accreditation projects (SOC 1/2/3, ISO27001, PCI-DSS), reporting to the Regional Lead of Client Security Assurance. You will lead specific standards' compliance, maintain evidence repositories, lead audits and certifications, partner with support functions to develop timelines and resources, and establish a governance framework for accreditation programs. Responsibilities include establishing project scope, engaging stakeholders, providing status reports, working with the Policy and Standards team, developing compliance metrics, communicating compliance posture to management, and following up on deficiencies. You will also lead complex accreditation projects and monitor challenges to ensure milestones are met. This is a remote position.

Requirements

• 8+ years of experience with cloud platforms such as Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP)
• Deep technical knowledge of specific security standards such as PCI, HIPAA, SOC 1/2/3, ISO 27001/2, FISMA/FedRAMP, CCM, NIST
• Experience leading similar compliance audit programs and auditing cloud environments
• Experience presenting to board level
• Project management skills running projects end-to-end; project initiation, planning/scheduling, execution, monitoring/reporting, and closure

Responsibilities

• Lead specific standards' compliance, such as PCI, HIPAA, ISO 27002, SOC 1/2/3, FISMA/FedRAMP
• Maintain evidence repositories and work with relevant SMEs to refresh artifacts
• Lead audits and certification efforts (including gap analysis) for the businesses and technology
• Partner with client support functions to develop timelines and resources needed to complete accreditation projects
• Partner with other stakeholders to establish the accreditation program and workstreams' governance framework, ensuring adherence to those standards thereafter
• Establish, document, and communicate project scope, milestone/detailed plans, risks, and issues, and then use as a basis for all discussions across the program to ensure full agreement
• Engage with key stakeholders and provide facilitation to allow full engagement and participation across the program
• Provide ongoing status reports at the program level and collaborate with workstream owners to deliver reporting
• Work with the Policy and Standards team to incorporate changes into the enterprise policy document based on compliance assessment results
• Develop metrics and reporting to demonstrate standards compliance status and flag risks
• Communicate the standards compliance posture and effectiveness to Management on a scheduled basis
• Follow up on deficiencies identified in reviews and external audits to ensure appropriate remediation measures are achieved promptly. Track mitigation steps and ensure that risks are managed
• Lead a complex group of accreditation projects as it relates to post-audit or readiness assessment activities
• Monitor and report challenges within timelines, resources, project plans, action logs, status reports, and statistics to ensure milestones, goals, and commitments are met

Preferred Qualifications

Plus: PMP, CISA, CISM, CCSP, PCI QSA, or comparable certifications

Benefits

• Great compensation package and bonus plan
• Core benefits including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remote, hybrid or in-office
• Flexible time off including volunteer time off, vacation, sick and 12-paid holidays