Remote Senior Control Assurance Assessor

Summary

Join Experian's Controls Assurance Testing Team as a Senior Control Assurance Assessor to provide second-line defense assurance services, ensuring security controls are robustly designed and implemented. Conduct security control assessments, develop test plans, and use data from security tools to capture evidence.

Requirements

• A bachelor's degree in computer science, management information systems, or a relevant field, or equivalent demonstrable experience
• 3+ years' experience performing IT Audit or security control testing
• 5+ years' of experience in Information Security or Information Technology
• Demonstrated experience in conducting security control testing and evaluations within an internal audit framework
• Knowledge of internal audit methodologies, including risk assessment, planning, execution, and reporting
• Hold a professional certification such as CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor, or equivalent
• Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001/27002)
• Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws
• Experience with sector-specific frameworks (e.g., HIPAA, PCI)

Responsibilities

• Conduct security control assessments, managing the process from planning through to reporting
• Develop test plans, test cases/steps, and procedures, using data from security tools to capture evidence
• Use queries and dashboards to identify potential control failures
• Ensure the accuracy and timely completion of control testing, providing peer review
• Document findings, including root cause analysis and recommendations for remediation
• Be the primary liaison with team members, delivering clear progress updates and results
• Contribute to the efficiency of the control testing program by establishing measurable indicators, standardizing testing materials, and integrating partner feedback for improvement

Preferred Qualifications

• Experience with cybersecurity principles and organizational requirements
• Apply governance, risk, and control principles
• Proficiency in both automated and manual testing of information security controls
• Facilitate small group meetings and communication of complex ideas
• Collect, validate, analyze, and translate test data into evaluative conclusions
• Research and application of knowledge about new technologies
• Agile working methodology experience

Benefits

• Medical insurance
• Life and dental insurance
• Asociacion Solidarista
• International Share Save Plan
• Flex Work/Work from home
• Paid time off
• Annual Performance Bonus
• Education Reimbursement
• Family Bonding
• Bereavement Leave
• Referral Program