Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money.
We operate across a range of markets, from financial services to healthcare, automotive, agribusiness, insurance, and many more industry segments.
We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.
Job Description
Principal Responsibilities
- Collaborate with technical and business teams to address security flaws and implement remediation plans.
- Oversee application security tasks, ensuring alignment with audit requirements and internal policies.
- Support change and incident management processes, with a focus on high-priority incidents (P1 & P2).
- Provide guidance to development and support teams on security-related ticket requirements and process expectations, ensuring SLA compliance.
- Act as a liaison with internal stakeholders to ensure clear communication and quality engagements.
- Support governance and administrative functions, including audit preparation and policy development.
- Compile and deliver regular reports, including weekly, monthly, and OSM-specific security metrics.
Required Key Skills (Functional/Technical)
Application Security & Vulnerability Management
- Familiarity with Common Vulnerability Scoring System (CVSS)
- Experience with tools like OWASP ZAP, Veracode, Rapid7 (on-prem), and Wiz.IO (cloud vulnerability management and CSPM)
- Track and assist in the closure of identified vulnerabilities, working closely with IT and Development teams
- Review and maintain secure configurations for systems, applications, and network devices
- Working knowledge of encryption, authentication, and secure data transmission
- Knowledge of network security principles and firewall configurations
- Familiarity with SSO and MFA using OKTA, and directory services such as MS Active Directory
- Experience with CyberArk PAM for privileged access management
- Use of Splunk SIEM for real-time threat detection and log analysis
- Review and optimise SIEM use cases to enhance threat detection and response capabilities
- Experience with Tanium and MS Defender for server and endpoint security management
- Familiarity with IBM Guardium for database activity monitoring
- Exposure to Cyera for data identification and classification
- Experience with Wiz.IO for cloud security posture management (CSPM) and IaC scanning
- Understanding of secrets management using AWS Secrets Manager, Azure Key Vault, or GCP Secrets Manager
- Familiarity with Thales and AWS KMS/HSM for key management
- Knowledge of SailPoint for identity governance
- Experience with CyCognito for external attack surface management
- Familiarity with Imperva for WAF, DDoS, and botnet protection
- Exposure to ProofPoint and MS Office365 Message Security for email security
- Use of 1Password for credential management
- Awareness of Netwrix for password policy enforcement
Qualifications
Qualifications
- Educational Background
- Degree or equivalent qualifications and experience in Computer Science, Information Technology, Data or a related field Technical & Security Experience
- Experience with automated and manual methods for evaluating security controls in both on-prem and cloud environments
- Experience in monitoring and reporting on security flaws and supporting related remediation activities
- Familiarity with change management processes in technology environments Risk, Controls & Compliance
- Contribute to accurate statistical reporting on the market’s IT security posture
- Ensure first line of defence (1LoD) ownership of non-compliance issues, exception justifications, mitigation controls, and risk documentation
- Ensure accuracy and timely completion of control testing and remediations
- Collaborate with Security Partners, RISOs and other governance functions to drive remediation of identified security deficiencies
- Ability to compile management reports and presentations on technical risks, controls, and deficiencies Communication & Collaboration
- Strong ability to communicate complex information clearly and effectively
- Good collaboration, relationship-building, and interpersonal skills
- Act as primary liaison with internal, local and regional stakeholders, ensuring quality engagements and clear progress updates
Additional Information
Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward & recognition, volunteering... the list goes on. Experian's people first approach is award-winning; World's Best Workplaces™ 2024 (Fortune Top 25), Great Place To Work™ in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here