Information Security Risk and Controls Senior Manager
Experian Ruddington, England, United Kingdom
Get AI-powered advice on this job and more exclusive features.
Company Description
Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to accomplish their financial goals and help them save time and money.
We operate across a range of markets, including financial services, healthcare, automotive, agribusiness, insurance, and more. We invest in people and advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have 22,500 employees across 32 countries. Our headquarters are in Dublin, Ireland. Learn more at experianplc.com.
Internal Grade C
Job Description
The Senior Manager of Information Security Risk and Controls will be part of a team establishing Experian's information security risk and controls framework, informed by industry standards and emerging risks. You will provide subject matter expertise in cyber risk management and security control guidance to control owners. Reporting to the Director of Information Security Risk and Controls Assurance, your responsibilities include:
* Leading the second line security risk and controls team, defining and driving the vision for a security risk management framework.
* Collaborating with global partners, including 1LoD and 2LoD risk practitioners, to develop the enterprise security risk management program.
* Partnering with Global Risk Management, business units, and other risk partners to ensure comprehensive risk identification, tracking, mitigation, and reporting.
* Maintaining the information security risk and controls framework in accordance with industry standards, policies, and technological developments.
* Using your business process knowledge and technical expertise to influence control design quality and support ongoing implementation programs.
* Serving as the primary security risk liaison for departments, including executive partners, ensuring visibility and understanding of security risks.
* Staying informed about security best practices, regulations, and market trends, including cloud and AI, and assessing their impact on Experian's risk environment.
Qualifications
* Experience in Information Security Risk Management responsibilities and control assessments.
* Background in managerial or consulting roles in cybersecurity or information security risk.
* Expertise across all phases of the risk management lifecycle within a security or technology risk program.
* Certifications such as CISSP, CISA, CISM, CRISC or equivalents.
* Knowledge of risk management frameworks like Open FAIR, NIST 800-37, NIST 800-39.
* Experience with cloud security controls across multiple CSPs.
* Familiarity with security control frameworks such as ISO 27001, NIST, PCI, HIPAA.
* Experience with GRC tools, e.g., Archer, is preferred.
Additional Information
The benefits package includes:
* Flexible working options, hybrid or in-office.
* Competitive salary and discretionary bonus.
* Core benefits: pension, healthcare, sharesave scheme, and more.
* 25 days annual leave, 8 bank holidays, 3 volunteering days, with options to purchase additional leave.
Experian is an Equal Opportunity employer. We value diversity and are committed to inclusion. If you require accommodations due to a disability or special needs, please let us know.
Learn more at Experian Careers and discover what it's like to work with us.
#J-18808-Ljbffr