**Key Responsibilities**:
- Collaborate with cross-functional teams to prioritize and categorize vulnerabilities based on severity, potential impact, and likelihood of exploitation.
- Analyze security findings from various sources, such as security tools, penetration tests, to identify trends and patterns.
- Act as an Application Security Champion educating and assisting teams in testing, remediation and deviation processes.
- Manage and drive vulnerability tracking and timelines for remediation.
- Stay up to date with the latest security threats, vulnerabilities, and mitigation strategies in cloud technologies, and translate this knowledge into actionable insights.
- Collaborate with third-party vendors, Experian cyber fusion team, and internal stakeholders to address vulnerabilities and verify successful remediation.
- Provide regular reports and updates to management regarding the organization's vulnerability posture, ongoing remediation efforts, and improvements made to the vulnerability management program.
- Manage and track completion of security training and awareness programs for business unit.
- Assist with tracking and remediating control gaps.
- Drive efforts to ensure consistency of controls across the business unit.
- Build relationships with key stakeholders across the organization to track and manage risk.
- Mentor teammates on processes, best practices, prioritization, and issue resolution as per Experian policies, standards, and technical service baselines.
- Flexibility to be a utility player where needed as this business evolves.
- Other duties as requested.
**Qualifications**
- Bachelor's degree in computer science, information technology, cybersecurity, or a related field or demonstrated equivalent experience.
- Have or willingness to achieve industry-recognized certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), and Certified Cloud Security Professional (CCSP).
- Knowledge of major cloud platforms such as AWS, Azure, including experience with cloud security services and configuration management.
- Some experience using scripting languages (e.g., Python, Bash) with a focus on automating security controls.
- Familiarity with API security best practices, API design tools and documentation (e.g., Swagger, Postman) and related tools (e.g., API scanning tools).
- Experience with vulnerability scanning and assessment tools and the ability to interpret and prioritize the results.
- Skills to assess and prioritize vulnerabilities based on risk factors, business impact, and industry standards.
- Strong analytical and problem-solving skills to identify root causes of vulnerabilities and work collaboratively with teams to remediate them.
- Effective communication skills, both written and verbal, to interact with technical and non-technical stakeholders, present findings, and provide security recommendations.
- The ability to stay current with evolving cloud, big data, and container security trends, and adapt to new technologies and emerging threats.
- Agile project management skills to manage vulnerability assessments, remediation efforts, and ongoing security initiatives.
- Collaborative attitude, willingness to work in cross-functional teams, and a commitment to a culture of security within the organization.
Tipo de puesto: Tiempo completo
Salario: ¢1,000,000.00 - ¢1,800,000.00 al mes
Experiência:
- API Security best practices: 1 año (Deseable)
Idioma:
- Ingles (Obligatorio)