Application and Infrastructure Vulnerability Team Manager

Experian is an Equal Opportunity Employer Job Number: 18119


Description: This role will focus on providing team leadership, process and data governance, and ensuring remediation solutions are managed effectively. You will be leading a small team that will consist of data analysts and remediation experts.


  • Provides resource and technical leadership to the information vulnerability management process, including developing and managing the remediation activities
  • Identify and draft mitigation guidance for vulnerabilities with no vendor provided remediation
  • Review publicly disclosed vulnerabilities of vendor software/hardware products and develop the mitigation/remediation orders
  • Compile daily, weekly, monthly and annual vulnerability metrics associated with affected and non-compliant assets
  • Utilize tracking tools/capabilities in a vulnerability management system to review manually uploaded and automated information to report vulnerability mitigation and remediation progress
  • Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities
  • Assist with the prioritization of newly identified software/hardware vulnerabilities based upon severity, potential operational impact, exploitation, and other factors to assess risk to Experian assets
  • Conduct open source research to identify and analyze known and unknown vulnerabilities
  • Analyze known issues with vendor provided fixes and contact the appropriate vendor for a defined and attainable solution
  • Evaluation, investigation and resolution of security risk and incidents. Assist with vulnerability exceptions.
  • Evaluate vulnerability scans for operational readiness and validate whether vulnerabilities are false positives based on the operating system and/or application configuration.
  • Work proactively with IT Infrastructure partners with respect to strategic and tactical plans for information security
  • Provides technical leadership, oversight, standardization and validation of the effectiveness of the security systems
  • Provides guidance and educates the organization in risk management principles and practices
  • Communicates with Subject Matter Experts to determine expected impact and likelihood of loss events
  • Supports governance based on best practices and ensures proper alignment to projects and major initiatives
  • Leads analysis of the current environment to detect critical deficiencies and recommends solutions for improvement
  • Leads analysis of technology industry and market trends to determine their potential impact on the infrastructure architecture
  • Promotes the benefits of security services to the organization and educates all on security concepts
  • Trains and/or mentors other team members, and peers as appropriate
  • Identifies opportunities to enhance existing processes
  • Follows all defined IT standards and processes and provides input for improvements to the appropriate process owners as needed
  • Maintains a proper balance between business and operational risk

Knowledge, Experience & Qualifications

  • Bachelor’s degree in Computer Sciences or related field, or equivalent experience/certification such as CISSP, CRISC, CISM
  • 10+ years of information technology leadership experience
  • Experience performing application and infrastructure risk assessments, remediation analysis and coaching
  • Experience implementing, managing or governing security technologies, including vulnerability scanning tools (e.g., Veracode, Black Duck, Qualys, Nessus)
  • Technical leadership experience in a sourced environment
  • Project management skills
  • Excellent communication skills and problem-solving ability
  • Demonstrated ability to work independently