About this role
As an Information Security Controls Automation Specialist, you will be part of a team responsible for evaluating and testing the effectiveness of security controls both on-premises and in the cloud, to ensure they are robustly designed and effectively implemented to safeguard Experian's assets.
You will automate the review of security controls by reducing manual effort and increasing assessment efficiency. The role blends cybersecurity governance, risk and compliance (GRC) and automation engineering to refine evidence collection and control validation crucial for supporting the security organization's control assurance program.
You will collaborate with control owners, engineers, and the security control assurance team to identify automation opportunities, implementing scripts or integrations for both on-prem and cloud environment tools and validating outputs against the security controls and defined test steps.
Summary of Primary Responsibilities
Analyze and automate existing manual test steps for assessing operating effectiveness of security controls in both cloud and on-prem environmentsDevelop automated control mechanisms (e.g. scripts, APIs, compliance dashboards), integrating validation logic into CI/CD pipelines, cloud environments, and endpoint tools.Allow continuous control monitoring (CCM) by developing reusable logic and ensuring automated controls produce evidence fit to support control assessments.Develop dashboards visualizing compliance status and resolve platform integration errors.Analyze false positives and lead remediation of those indicators.Maintain a control automation backlog and document all automated control logic, control mappings and system configurations. Qualifications
5+ years of experience in automation development.A bachelor's degree in computer science, management information systems, relevant field, or equivalent demonstrable experience.Knowledge of security tooling (e.g. SIEM, Identity and Access Management platforms, DLP), cloud platforms (AWS, GCP, Azure), Infrastructure as Code (Terraform) and scripting languages (e.g. Python, JavaScript, Ruby, C#, PowerShell).Experience with workflow automation platform tines.io is beneficial.Experience with Open Policy Agent (OPA) and Rego.Knowledge of cloud architecture and cybersecurity domains and principles.Experience in efficiency and risk reduction.Professional certification such as AWS Solutions Architect, CCSP, CISSP, CRISC, ISO 27001 Lead Auditor, or equivalent.Experience with information security control testing methodologies, information security risk assessments, and auditing tools is beneficial. Our benefits include: Medical, life and dental insurance, Asociación Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Birthday day off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
Our uniqueness is that we celebrate yours. Experian's culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI, work/life balance, development, authenticity, collaboration, wellness, reward and recognition, volunteering... the list goes on. Experian's people first approach is award-winning; World's Best Workplaces™ 2024 (Fortune Top 25), Great Place To Work™ in 24 countries, and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
#LI-Hybrid