Information Security Specialist at Equifax Inc. in Alpharetta, Georgia

Job Description:

Our US Information Solutions (USIS) organization is currently in the process of consolidating various BU technology and business functions. The Information Security Specialist will support the Technology Information Security Officers (TISO's) in all of their daily engagements with IT. You will provide oversight and advice to ensure that a portion of the Information Security policy is complied with for processes and systems used by assigned Business Unit or Country. You will assist in improving the information security posture with respect to delivering services to customers and customers and understanding key assets and processes. You will also work within an assigned team to champion security initiatives that support both the Security Program as well as Business Unit / Country and Customer priorities.

T o adhere to our corporate location policies, this resource will be required to be local to the surrounding Atlanta areas (or willing to relocate for this position) and adhere to our Return To Office (RTO) / weekly onsite requirements (Tuesday, Wednesday, and Thursday). This is an Alpharetta based position.

What you will do

• Support management of the security exception, risk assessment, new development security assessment and similar security related processes
• Collaborate with risk detection, execution and follow-up of potential findings.
• Work closely with IT application team to develop a secure code and follow the security controls in their Secure SDLC process
• Engage on the BAU process such as validating exceptions, deviations, architecture review and security advisements
• Support the engineering team in the cloud transformation
• Follow up on the M&A integration with the respective teams to ensure security controls are in place until the integration is fully completed.
• Support Customer Audit, Business and Compliance ISOs by prioritizing jobs
• Is strategically involved in key security decision making such as for security exceptions for assigned area
• Act as the key local security contact for the assigned area
• Act as a local escalation contact for security risks, issues, and developments
• Attain a clear understanding of the business data lifecycle, initiatives and proactively advise management and appropriate personnel about potential risks that may have a material impact on the business, bottom line and/or performance
• Arbitrate customer requirements for expeditious issue resolution
• Assist with review of contractual security requirements and customer security compliance questionnaires
• Facilitate and manage customer security audits and requests. Coordinate and manage remediation efforts
• Provide security guidance for new projects and innovations to ensure security best-practices are implemented and minimize risk and exposure to the business
• Conduct compliance monitoring and reviews and lead security process enhancement efforts
• Demonstrate business value related to security programs
• Communicate security risks in business terms that can be clearly understood at all levels of the organization
• Provide expertise and be directly involved in the investigation and resolution of security events, and assist with disciplinary and legal matters associated with such events

What experience you need

• Bachelor's degree In Computer Science, Information Security and other related degrees required
• 5 to 7 years of relatable security experience in the areas such IT infrastructure, Network Security, Application Security, Risk Management, Customer Audit, Internal IT audit, IT Program / Project management

• Several years experience working in one or more information security domains, such as those listed above.
• Familiarity and/or experience with cloud security preferred. Google Cloud experience preferred
• CISSP, CISM, CISA, Security + or Google, AWS or Azure cloud related certification is a strong plus
• Demonstrated professional experience working in-depth with processes, process improvement and execution, metrics, and reporting; where writing and visual design (slides) were central elements of success in the role.
• Experience with security methodologies, policies, standards and industry best practices
• Strong foundational skills and prior work experience in one or more information security domains, such as engineering, control operations, architecture, threat / vulnerability / incident management, cybersecurity, technical risk analysis, etc.
• Strong communication skills including strong verbal presentation skills. Able to present and communicate at all levels of the organization including senior management
• Viewed as an expert in information security with strong analytical skills who is able to interpret complex information and adapt as needed
• Experience working in matrix environment with globally diverse team members
• Regularly makes decisions that is guided by policies, procedures and/or guidelines from which there is some discretion to depart

#LI-Hybrid