Full-Time Information Security Governance Policy Senior Analyst

As our Information Security Governance Policy Senior Analyst, you will help define Experian's security posture. You will touch all areas of the business, while also becoming an expert in security best practices, standards, and related regulations. You will report to the Information Security Governance Policy Lead.

You'll have the opportunity to:

1. Lead the research and development of information security policies and their supporting documents, including detailed technical baselines based on industry best practices, with a focus on complex new technologies and cloud.
2. Communicate outcomes to senior leadership across Experian and negotiate with subject matter experts on the technical details of the policies and their supporting documents.
3. Review information security regulations and best practices to help align Experian policies and their supporting documents.
4. Work with industry partners to shape the development of industry frameworks and standards and provide insight to the business on upcoming trends and the external security landscape.
5. Collaborate with subject matter experts to determine the impact of changes to information security policies and their supporting documents. Ensure that changes to existing documents, new policies, and supporting documents are communicated.
6. Support policy document awareness initiatives and conduct training on policies and standards globally across Experian.
7. Review and provide expert checks and challenges on first-line business units' programs to support compliance with policies, standards, and regulations.
8. Support strategic initiatives representing the Information Security Governance team and provide subject matter expertise in the policy space.
9. Guide the Information Security Policy and Standards teams' continuing maturity using new technologies such as AI and ML.

Your background:

• Experience in information security, technology governance, technology audits, or information technology compliance.
• Bachelor's degree in Computer Science or Information Security, or equivalent experience.
• 4+ years of cybersecurity experience in enterprise environments.
• Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business.
• Knowledge of cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering, threats and vulnerabilities.
• Industry certifications such as CCSP, CRISC, CISSP, CISM, or obtain such certification within the first two years as Information Security Governance Policy Senior Analyst.
• Flexibility to accommodate Eastern Time (ET) workday hours as needed.

What is the last date for applying to the job?

Which countries are accepted for this remote job?