Senior Security Maven

Summary

Join Experian Health's Product Security team as a Senior Security Maven, leading incident response, improving secure development practices, and mentoring junior team members. You will be responsible for the security of Experian's Health products, collaborating with engineering, operations, and security teams. This role requires experience supporting senior-level partners and expertise in security frameworks and compliance efforts. The position offers a great compensation package, core benefits, flexible work environment, and flexible time off. You will be a trusted security advisor, safeguarding client data and ensuring adherence to data protection standards. This is a remote position.

Requirements

• Experience directly supporting senior level partners
• Certifications such as CISSP, CSSLP, CIPP/US, CISM, CISA, or GCSA (or equivalent experience)
• 7+ years of experience supporting third-party client audits, privacy assessments, or compliance efforts (HIPAA, SOC2, FedRAMP, HITRUST)
• 7+ years of experience with frameworks like OWASP, MITRE, and DevSecOps toolchains

Responsibilities

• Lead client incident readiness and escalation response and take an ownership in managing the security response for incidents
• Lead client incident retrospectives and RCAs by collaborating with engineering, operations, and security teams to identify systemic breakdowns during client or internal incidents
• Improve adoption of secure development practices and embed secure-by-design thinking in the SDLC
• Accelerate threat modeling, secure code reviews, and initiative-taking security testing tailored to the team's architecture
• Escalate organizational misalignments and champion resolutions
• Safeguard client data and promote and oversee adherence to data protection standards
• Provide risk-based, practical security guidance that aligns with enterprise policies and balances delivery needs
• Coordinate technical investigations, interface with client-facing teams, and help summarize messaging that is transparent and accurate
• Be a Trusted Security Advisor and serve as the primary security contact for assigned application portfolios and product teams
• Partner with application owners to ensure sensitive client data is stored, transmitted, and processed in accordance with regulatory and contractual obligations
• Ensure resulting insights from all incidents leads to improvements in controls, data flows, and team processes
• Operationalize corporate security Projects and translate central security programs—such as vulnerability management, bug bounty operations, access management, and compliance requirements—into clear implementation plans
• Improve communication and agreement by anticipating the downstream impact of security programs and brief department leaders, product teams, and client partners
• Mentor and multiply impacts by serving as a senior representative and role model for the Security Mavens program
• Mentor junior Mavens and help establish a culture of continuous improvement, knowledge-sharing, and security ownership

Benefits

• Great compensation package and bonus plan
• Core benefits including medical, dental, vision, and matching 401K
• Flexible work environment, ability to work remote
• Flexible time off including volunteer time off, vacation, sick and 12-paid holidays