Job Description

TransUnion is looking for a senior security leader who is skilled in multiple technical domains and enjoys leading the development of technology strategies that address the evolving threat landscape. This position will be a lead in the overall transition of the information security team to enable the accelerated maturity of our security program.

This role will be focused on helping advance and enhance TransUnion’s security capabilities and act as driving force behind our strategy related to control optimization and alignment to business goals. The role entails:

• Providing subject matter expertise to the Information Security & Cybersecurity organization and across TransUnion as related to detection, prevention, and response capabilities.

• Engage with Information Security Architecture to provide deep technical expertise that represents Cyber Threat/Defense and Security Operations.

• Coordinate with the Security M&A team to ensure that Cyber Defense and operational teams have a clear integration path and playbook for M&As.

• Serve as a trusted advisor to the CISO and Cybersecurity/Defense leadership for decisions for risk management and minimization.

• Driving strategy development and execution across multiple technical domains (i.e. Network Security, Endpoint Security, Cloud Security, Cyber Operations, etc.) and advance TransUnion’s Security program maturity.

• Using a structured methodology, determine near-term to long-term priorities; Consulting with fellow technical subject matter experts; develop alternative technical solutions; Identify options, risks, and evaluate cost vs. benefits in support of these solutions.

• Leading technical discussions with cross-functional teams to develop technical requirements and quickly assess security and compliance needs.

• Alongside project managers, lead global projects by assisting in the management of project execution, establishing timelines, and driving deliverables on-time and on-budget.

• Assisting security engineering verticals to perceive, evaluate, and prioritize activities based on the threat landscape.

We’d Love to See

• Advanced understanding of fundamentals for securing public cloud environments (AWS, GCP, Azure)

• Demonstrate expertise with addressing zero-day threats, intrusions, malware infection and experience with packet analysis.

• Establish credibility throughout the organization by earning the reputation for being a proactive senior leader and change agent.

• Excellent interpersonal, facilitation, and leadership skills along with effective communication (both written and verbal) skills.

• Knowledge of the financial services and payment systems area (or other critical infrastructure areas) with an emphasis on information security.

• Skilled at mentoring and motivating staff, communicating goals and other corporate initiatives and driving to results.

• Understanding of systems engineering concepts to mature engineered solutions with automation and optimization in mind

• Extensive experience in leading technical teams in designing, implementing, and providing cost management for complex information security solutions across multiple security domains.

• Subject matter expert proficiency and prior work experience in most technical security domains including but not limited to: Endpoint Security, Network Security, Cloud Security, Cyber Operations, Threat Intelligence, etc.

• Be able to bridge the multiple highly technical engineering domains into security operations while planning for sophisticated operations and automation.

• Practice with designing, building, and operationalizing environments aligned to global standards such as PCI, SOC2, etc.

• Deep understanding of threat actor tactics, techniques, and procedures (TTPs) as well as extensive experience with operationalizing Threat Intelligence to protect the Enterprise.

• Experience with operationally leveraging Cybersecurity frameworks such as NIST CSF, Microsoft Security Configuration Framework and MITRE ATT&CK.

• Demonstrate understanding of defense in depth concepts and supporting security technologies, including but not limited to: endpoint protection, network access control, Web Isolation, file integrity monitoring, Data loss Protection, firewalls, IDS/IPS, SIEM, application security controls, identity management / federated identity services and public key infrastructure.

How to Apply

Job Categories: Equal Opportunities. Job Types: Full-Time.

133 total views, 0 today

Apply for this Job