This job posting isn't available in all website languages
Experian Careers Job Search

Information Security Specialist

Legal & Compliance
197663 Requisition #

The Experian Global Security Office (EGSO) Information Security Consultant provides consulting and assurance services to business. There are two major aspects to this position - (1) providing consulting services to business as businesses engage GSO to provide guidance with respect to new projects or development or technology deployments / enhancements and (2) Providing security assurance assessments services for existing or new environments. The position requires a strong ability to interface with technical and business experts and articulate the risk in business terms. The position requires the individual to quickly understanding the business environment, critical products and processes, internal and external standards and regulations and building excellent relationships across Experian globally.



The Information Security Consultant is responsible for, but not limited to, the following:



  • Perform security assessments for new projects. This includes but is not limited to new application development projects, data center builds and any other new technology or infrastructure builds/enhancements.
  • Working with senior stakeholders, SMEs and project management to ensure security requirements are understood and implemented as part of the project lifecycle. The responsibilities also include staying with the project through the cycle (from inception to product implementation) and validating the implementation, as needed.
  • Partner with businesses and technology to research and provide security guidance for projects involving new technologies or concepts (e.g. moving a core application to cloud, or developing mobile application, new authentication technology, encryption techniques or technologies, etc.). 
  • Perform periodic security assessment for existing environments – this includes but not limited to applications, systems/servers, network infrastructure, database and other technologies and processes. 
  • Perform deep dive security assessments for existing applications, technology or processes. This is done by walking through the processes how each control is implemented and obtaining evidence as desired.

  • The position requires on-going partnership (vs. one time guidance) to build environments and deploy technologies in a secure manner and mitigating risks beforehand – truly positioning security as an enabler of busines

  • Work with businesses and technology teams to capture non-compliance, ensuring justification, and mitigating controls are appropriately captured.

  • Work with program specialist team to develop and deploy a process to perform assessments and deliver formal assessment reports to business. This also includes working with the businesses to formally capture gaps and remedial actions within the GRC system.  

  • Develop KPI and prepare reporting metrics for the InfoSec consulting function and progress on enhancements initiatives

  • Escalate risks and details to business partners and Regional Information Security Officers (RISOs) as they appear.

  • Perform pre and post-acquisition assessments, develop formal reports

  • Identify information security deficiencies or risks to appropriate parties as soon as possible.

 #LI - SH1

  • Bachelor’s degree in computer science or relevant field or equivalent demonstrable experience

  • 4+ years of experience in security field specially around security assessments or audit field

  • Must have a strong technical background with prior hands-on experience a plus

  • Must have demonstrable experience and strong understanding of technologies in three or more of the following areas: advanced authentication technologies, Cloud security, mobile app development and security, SAML, switching and routing, network and end point security technologies, encryption and encryption key management,  database and application monitoring, networking, system hardening.

  • Ability, drive and motivation to research and provide the right guidance and find possible solutions. Ability to push back where the risk outweighs the benefits

  • Curiosity to ask questions and challenge status quo

  • Problem Solving & Analysis.

  • Process driven, and has eye for detail, automation and efficiency to improve programs/processes.

  • Good collaboration, relationship and interpersonal skills

CISA, CISM, CISSP, PCI QSA or comparable certifications preferred but not required. 


My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Nottingham, England, United Kingdom

📁 Legal & Compliance

Nottingham, England, United Kingdom

📁 Legal & Compliance

Privacy Policy  |  Online Community  |  Press  |  Investor Relations