Experian Careers Job Search

Information Security Regulatory Compliance Senior GRC Analyst

Information Technology & Systems
Requisition #: 189316

The Information Security Governance and Control team is the principal advocate for information security and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the organization. The team oversees the development and implementation of a comprehensive security program, including Governance, Risk and Compliance (GRC). The Sr. GRC Analyst is primarily responsible for, but not limited to, performing regulatory compliance self-assessment reviews, information security risk assessments, and control testing.

Key Responsibilities:

• Executes information security regulatory compliance self-assessments and prepares responses to regulatory inquiries.
• Works with other functions (Legal, Compliance, etc.) to coordinate control requirements and control reporting.
• Facilitates information security self-assessments with the business and technology teams.
• Contributes to the maintenance and updating of the library of information security control standards and procedures based on Information Security policies and procedures and industry best practices.
• Performs design and operating effectiveness testing on information security controls.
• Identifies, documents, and reports control deficiencies and recommendations for improvement.
• Documents control testing and associated findings in the Archer GRC tool (Archer).
• Performs information security maturity assessments on Experian’s cybersecurity capabilities in alignment with NIST CSF.
• Compiles management reports, summary analysis, and detailed presentations to describe risk, controls, and maturity assessments.

• 4+ years’ experience performing IT/Information Security regulatory reviews and/or control assessments.

• Bachelor’s degree in computer science, management information systems or relevant field or equivalent demonstrable experience.

• Experience responding to regulatory compliance self-assessments and action items. 

• Strong knowledge of information security frameworks such as ISO 27001, NIST, PCI, and HIPAA.

• CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor or comparable certifications preferred.

• Process-driven, with an eye for detail.

• Strong verbal and written communication skills, and the ability to articulate risks and findings to senior management.

• Good collaboration and interpersonal skills, self-motivation, willingness to take on challenges, and adaptability to change.

• Experience with GRC tools, such as Archer, preferred.

Experian is an Equal Opportunity Employer. Anyone needing accommodation to complete the interview process should notify the talent acquisition partner. The word "Experian" is a registered trademark in the EU and other countries and is owned by Experian Ltd. and/or its associated companies.

EOE including Disability/Veterans
