Information Security Governance Policy Senior Analyst

Summary

Join Experian as our Information Security Governance Policy Senior Analyst and help define our security posture, touching all areas of the business while becoming an expert in security best practices. You will lead research and development of information security policies, communicate with senior leadership, review regulations and best practices, and collaborate with subject matter experts. This role involves working with industry partners, supporting policy awareness initiatives, reviewing business unit programs, and guiding the Information Security Policy and Standards teams' maturity. You will report to the Information Security Governance Policy Lead. This is a remote position.

Requirements

• Experience in information security, technology governance, technology audits, or information technology compliance
• Bachelor's degree in Computer Science or Information Security, or equivalent experience
• 4+ years of cybersecurity experience in enterprise environments
• Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
• Knowledge of cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering, threats and vulnerabilities
• Knowledge of IT technologies and methods to secure them with a knowledge of cloud security, including working knowledge of AWS
• Understanding of industry best practices (e.g., NIST, ISO, COBIT, CMMI, OWASP, ITIL)
• Knowledge of current industry trends in information risk management
• Understand and translate technical requirements for non-technical audiences
• Industry certifications such as CCSP, CRISC, CISSP, CISM, or equivalent experience

Responsibilities

• Lead the research and development of information security policies and their supporting documents, including detailed technical baselines based on industry best practices, with a focus on complex new technologies and cloud
• Communicate outcomes to senior leadership across Experian and negotiate with subject matter experts on the technical details of the policies and their supporting documents
• Review information security regulations and best practices to help align Experian policies and their supporting documents
• Work with industry partners to shape the development of industry frameworks and standards and provide insight to the business on upcoming trends and the external security landscape
• Collaborate with subject matter experts to determine the impact of changes to information security policies and their supporting documents. Ensure that changes to existing documents, new policies, and supporting documents are communicated
• Support policy document awareness initiatives and conduct training on policies and standards globally across Experian
• Review and provide expert checks and challenges on first-line business units' programs to support compliance with policies, standards, and regulations
• Support strategic initiatives representing the Information Security Governance team and provide subject matter expertise in the policy space
• Guide the Information Security Policy and Standards teams' continuing maturity using new technologies such as AI and ML

Preferred Qualifications

• Experience writing Information Security policies and standards
• Knowledge of the financial services industry and its regulations

Benefits

• Great compensation package and bonus plan
• Core benefits, including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remotely, hybrid, or in-office
• Flexible time off, including volunteer time off, vacation, sick, and 12-paid holidays