Information Security Accreditations Specialist

Summary

Join Experian as an Accreditations Specialist and coordinate accreditation activities throughout the year. You will work with technical and business experts, explain audit needs and processes, and guide remediation efforts. This role involves partnering with various teams to ensure compliance with standards like PCI, HIPAA, and ISO 27001. You will maintain evidence repositories, coordinate audits and certifications, and establish project scope and plans. The position requires experience in information security standards, cloud platforms, and project management. Experian offers a competitive compensation package, core benefits, and a flexible work environment.

Requirements

• Bachelor's degree in Computer science or relevant field or equivalent experience
• Experience in the information security standards area and familiarity with common security frameworks (CIS benchmark, NIST 800-53, ISO27002, CSA Cloud Controls Matrix (CCM))
• 3+ years of experience with cloud platforms such as Amazon Web Services (AWS), Azure, or Google Cloud Platform (GCP)
• Understanding of specific security standards such as PCI, HIPAA, SOC 1/2/3, ISO 27001/2, FISMA/FedRAMP, CCM, NIST
• Experience coordinating similar compliance audit programs and auditing cloud and hybrid environments
• Experience running projects end-to-end
• IT and Security Operations expertise required: knowledge of Windows/Linux/Unix operating systems, authentication methods, firewalls, routers, web services, cloud security
• Knowledge of formal Project Management methodologies such as PMP, CAPM, Agile, Lean Six Sigma, Scrum, and SAFe

Responsibilities

• Coordinate compliance with specific standards, such as PCI, HIPAA, ISO 27001, SOC 1/2/3, and FISMA/FedRAMP
• Maintain evidence repositories and work with SMEs to refresh artifacts
• Coordinate audits and certifications, and partner with client support to develop timelines and resources for accreditation projects
• Collaborate with partners to establish and maintain the program and governance framework, develop metrics to demonstrate compliance, flag risks, and communicate effectiveness to management
• Establish, document, maintain, and communicate project scope, milestone plans, risks, and issues, using them to ensure agreement across the program
• Partner with the policy and standards team to incorporate changes into the enterprise policy document based on compliance assessment results
• Follow up on deficiencies identified in reviews and external audits to ensure appropriate remediation measures have been achieved; track mitigation steps and ensure that risks are managed promptly
• Coordinate a complex group of projects related to post-audit or readiness activities under the guidance of the Director

Preferred Qualifications

Experience working with the RSA Archer eGRC application and other collaboration tools

Benefits

• Great compensation package and bonus plan
• Core benefits, including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remotely, hybrid, or in-office
• Flexible time off, including volunteer time off, vacation, sick, and 12-paid holidays