Vacancy caducado!
TransUnion's Job Applicant Privacy Notice
What We'll Bring:TransUnion is looking for a senior security leader who is skilled in multiple technical domains and enjoys leading the development of technology strategies that address the evolving threat landscape. This position will be a lead in the endpoint and security tool engineering and Security Orchestration, Automation, and Response Teams and will play a significant role in the overall transition of the information security team to enable the accelerated maturity of our security program.What You'll Bring:This role will be focused on helping advance and enhance TransUnion's security capabilities and act as driving force behind our strategy related to control optimization and alignment to business goals. The role entails:- Lead multiple teams across a large breadth of security engineering and toolsets to include EDR, A/V, SOAR, EUBA, Application Security, Vulnerability Management, and DLP.
- Engage with Information Security Architecture to provide deep technical expertise that represents Cyber Threat/Defense and Security Operations.
- Coordinate with the Security M&A team to ensure that Cyber Defense engineering and operational teams have a clear integration path and playbook for M&As.
- Take a metric/data driven approach to identify gaps in processes, framework, etc, and increase the use of automation to drive engineering and operational excellence in 24x7, high volume, high availability, and critical environments.
- Driving strategy development and execution across multiple technical domains (i.e. Endpoint Security, Cloud Security, Cyber Operations, etc.) and advance TransUnion's Security program maturity.
- Continually provide technical coordination, oversight, and leadership for teams and serve as an escalation point for complex engineering and operational issues.
- Build and maintain relationships with other global and virtual teams and vendors to quickly solve for capability gaps and/or resolve issues.
- Develop and position solutions and create roadmaps for multiple capabilities and actively seek endorsement from stakeholders (a product/capability-centric approach).
- Mentor junior team members, develop departmental procedures and best practices standards
- Ensure that information security and risk management are embedded within the culture requiring continuous improvement to a complex set of functions to coordinate security and compliance risks related to Cyber Defense systems and assets.
- Demonstrated ability to meet deadlines and commitments in a highly dynamic and fast-paced environment.
- Understanding of fundamentals for securing public cloud environments (AWS, GCP, Azure)
- Demonstrate understanding with addressing zero-day threats, intrusions, malware infection and experience with packet analysis.
- Establish credibility throughout the organization by earning the reputation for being a proactive senior leader and change agent.
- Excellent interpersonal, facilitation, and leadership skills along with effective communication (both written and verbal) skills.
- Knowledge of the financial services and payment systems area (or other critical infrastructure areas) with an emphasis on information security.
- Skilled at mentoring and motivating staff, communicating goals and other corporate initiatives and driving to results.
- Understanding of systems engineering concepts to mature engineered solutions with automation and optimization in mind
- Extensive experience in leading technical teams in designing, implementing, and providing cost management for complex information security solutions across multiple security domains.
- Experience in an enterprise Cybersecurity solutions in mission-critical, 24x7 production environments
- Be able to bridge the multiple highly technical engineering domains into security operations while planning for sophisticated operations and automation.
- Practice with designing, building, and operationalizing environments aligned to global standards such as PCI, SOC2, etc.
- Ability to understand systems from all levels, from the "big picture" enterprise-level view to the low level technical view.
- Experience with operationally leveraging Cybersecurity frameworks such as NIST CSF, Microsoft Security Configuration Framework and MITRE ATT&CK.
- Demonstrate understanding of defense in depth concepts and supporting security technologies, including but not limited to: endpoint protection, network access control, Web Isolation, file integrity monitoring, Data loss Protection, firewalls, IDS/IPS, SIEM, application security controls, identity management / federated identity services and public key infrastructure.
- Ability to represent technical and business issues and solutions to multiple levels internally and externally to support strategic organizational plans
- Demonstrate ability to work in a complex organization to determine business and customer needs, providing the best solution to meet those needs
Vacancy caducado!