Full-time
Employee Status: Regular
Role Type: Home
Department: Legal & Compliance
Schedule: Full Time
**Company Description**:
Experian is the world's leading global information services company. During life's big moments - from buying a home or a car, to sending a child to college, to growing a business by connecting with new customers - we empower consumers and our clients to manage their data with confidence. We help individuals to take financial control and access financial services, businesses to make smarter decisions and thrive, lenders to lend more responsibly, and organizations to prevent identity fraud and crime.
We have 20,000 people operating across 44 countries and every day we're investing in new technologies, talented people, and innovation to help all our clients maximize every opportunity.
Experian is in search of a Lead Security Partner who will play a pivotal role in the organization's information security landscape. As a lead, you will serve as a trusted advisor to the functional leaders within the assigned business unit (BU). Your mission: to bridge the gap between strategic priorities and security risks, ensuring that the BU operates securely and efficiently.
In this influential position, you will engage with the BU's senior leadership team, gaining insights into their strategic goals and challenges. Your expertise will guide discussions on security matters, emphasizing the importance of safeguarding Experian's assets. But your impact extends beyond the BU—you are the BU's advocate within Experian's Global Security Office (EGSO), ensuring that security decisions align with the BU's unique context and needs.
Key Responsibilities
- Lead and strategize project security assessments (PSA) for new enterprise development and significant changes. Direct the continual submission, review, and decisions related to business unit-critical issues and exceptions to any security control. Ensure quality assurance efforts for routine PSAs.
- Develop a comprehensive understanding of all BU information security risks. Predict the needs for risk assessment, review, adjustment or escalation of risk rating, and any other demands within the risk lifecycle. Guide related efforts.
- Establish executive relationships and act as a trusted advisor to the BU's management team. Integrate into the BU project planning process to ensure that appropriate levels of security oversight exist.
- Direct, consult, collaborate, and lead as needed to integrate security with business unit goals and initiatives.
- Represent the BU by sharing its specific threats, requirements, and insights with the EGSO Leadership, other SPs, and members of the Information Technology (EITS) and security organization. Champion resource discussions based on the specific needs, risks, and priorities of that BU.
- Provide strategic thought leadership to support BU-level decision-making, product development, system implementations, and the change management associated with the adoption of new security processes and procedures.
- Maintain an on-going partnership to build environments and deploy technologies in a secure manner and mitigating risks beforehand - positioning security as an enabler of business.
- Analyze information security trends internal and external to the business and keep business-facing leadership informed about information security-related risks and incidents. Provide strategic direction for appropriate response (Threat Informed Defense Approach).
- Promote corporate cybersecurity awareness activities and support the implementation of security awareness concepts locally, as needed, to suit the business unit.
- Design and review security metrics to measure security effectiveness at the business unit and corporate level. Drive the execution of security partner team metrics (e.g., request volumes, SLA adherence, QA-KPIs, etc.).
- Communicate risk to BU leadership in relation to BU-specific goals, initiatives, and changes (people, process, technology).
- Interpret how business unit-specific risks factor into firmwide risks at senior-level, e.g., Regional Management Committees (RMC), NA Security Review, and Security and Continuity Steering Committee (SCSC).
- Lead continuous improvements related to the monitoring and measuring of policies, processes, and controls that support compliance with industry and regionally specific mandates, laws, and regulations specific to assigned business unit.
- Collaborate with other governance functions on educating BU leadership on prospective changes to relevant mandates, laws, and regulations. Identify any gaps that may exist and lead remediation efforts.
- Identify and communicate any business unit-specific requirements that may exist due to geography, region, data, vertical, etc., and how those differ from or overlap with firmwide or departmental mandates.
- Oversee the completion of internal and external security assessments for the business unit.
- Identify opportunit
