The Team’s Focus:
Transunion works with businesses and consumers to gather, analyze, and deliver critical information needed to build strong economies around the world. Protection of that information is critical our customers and business. As a Senior Information Security Consultant, you will be responsible for supporting our Information Security function for Brazil. You will support local security technologies, represent Global Information Security on local projects and provide technical guidance and recommendations to local IT management and other stakeholders.
How You’ll Contribute:
· Act as a strategic security advisor on Brazilian application development and technology deployment projects, maintaining a working knowledge of TransUnion’s Information Security Policy, standards and posture and, where needed, working with regional and global Information Security leads to provide guidance.
· Monitor threat and vulnerability management tools for alerts or changes in TransUnion’s security disposition and respond to anomalous events accordingly. This includes assisting the Global Security Operations Center with local security investigations and coordinating with IT leaders and engineers as appropriate.
· Maintain and test incident response process and ensure its integration with the Global Threat Management framework.
· Maintain a thorough understanding of current security deviations, open assessment and audit findings, vulnerabilities, and alignment to TU’s security posture.
· Work within the project and resource prioritization process to ensure that local security projects and efforts a represented, prioritized and executed.
· Assist in completing customer and data provider security questionnaires and facilitating onsite security audits, as necessary.
· Assist in planning, adoption and implementation of TransUnion’s security posture and solutions in Brazil’s technology environments and platforms.
What you’ll bring
As a Senior Consultant, you should have hands-on information security experience, and a Bachelor’s Degree in a related technical field. In addition, you should have expertise and experience in technical and professional areas.
· Working knowledge of industry frameworks and standards such as ISO 27001/27002
· Experience with designing, developing and implementing security processes, controls and technologies
· Working experience with Vulnerability Management, IDS/IPS, and Incident Response
· Experience with performing system audits and security assessments, and in interfacing with external auditors
· Experience with reporting security metrics (dashboards, KPIs, KRIs)
· Ability to operate effectively within Windows and TCP/IP network
· Understanding of Web applications and Layer 7 network protocols
· Ability to operate independently as an information security advisor and, where necessary, a hands-on contributor on technology deployments and other projects