Information Security Controls Specialist Senior
- Heredia
- Legal & Compliance
- Permanent
- Hybrid
- Full Time
As a Senior Control Assurance Assessor, you'll test security controls both on-premise and in the cloud to ensure design implementation, safeguarding Experian's assets. You'll assess control design, performance, and compliance with standards and regulations, reporting to the Information Security Control Assurance Testing Manager. Identifying gaps, documenting findings, and recommending improvements to mitigate risks are important responsibilities. Using data-driven testing techniques and a defined methodology, you'll collaborate to ensure controls meet current risks and regulatory requirements.
Primary Responsibilities
- Conduct security control assessments, using documented control activities (where they exist) and regulatory requirements.
- Develop test plans, test cases, and procedures, applying data from security tools to capture evidence.
- Use queries and dashboards to identify potential control failures as part of the control testing process.
- Ensure the accuracy and timely completion of control testing, providing peer review.
- Document findings, including root cause analysis and applicable recommendations for remediation.
- Be the primary liaison with partners, delivering clear progress updates and results.
- Contribute lessons learned by integrating partner feedback to improve the control testing program.
About us, but we'll be brief
Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses, and society.
Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to accomplish their financial goals and help them save time and money.
We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. Also, for the last five years we've been named in the 100 "World's Most Innovative Companies" by Forbes Magazine. Experian prioritizes our culture and look to bring people to the team who are passionate about their jobs, who are easy to work with, and who continue to value team over self.
We have 23,000 people operating across 44 countries and every day we're investing in new technologies, experienced people, and new ideas to help all our clients maximize every opportunity.
What your background is
- A bachelor's degree in computer science, management information systems, or a relevant field, or equivalent demonstrable experience.
- 5+ years' of experience in Information Security or Information Technology
- 3+ years' experience performing IT Audit or security control testing.
- Knowledge of internal audit methodologies, including risk assessment, execution, and reporting.
- Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001/27002).
- Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws.
- Experience with sector-specific frameworks (e.g., HIPAA, PCI).
Technical Skills
- Proficiency with security tools (SailPoint, Rapid7, Wiz.io, MS Defender, SIEM, vulnerability management, penetration testing).
- Knowledge of cloud technologies (AWS, Azure).
- Experience using generative AI (e.g., ChatGPT) for test strategies, reports, and communications.
- Skills in automation and analytics tools (Excel, Tableau, Alteryx, or PowerBI).
- Create queries and reports in RSA Archer and ServiceNow.
- Familiarity with Kanban boards and Jira.
Desired Competencies
- Understanding of cybersecurity principles and organizational requirements.
- Experience applying governance, risk, and control principles.
- Experience in automated and manual testing of security controls.
- Experience facilitating meetings and conveying complex ideas.
- Data collection, validation, analysis, and interpretation.
- Experience Researching and applying latest technologies.
- Experience with Agile methodology.
- Big 4 accounting experience.
- Hold a professional certification such as CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor, or equivalent.
This is a permanent hybrid role in Costa Rica. No relocation available.
Culture at Experian
Our uniqueness is that we value yours.
Experian's culture, people, and environments are main differentiators. We take our people's agenda very seriously. We focus on what matters; diversity and inclusion, work/life balance, flexible work, development, engagement, collaboration, wellness, rewards & recognitions, volunteering... the list goes on!
Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here
#LI-Hybrid
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a successful, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is necessary to our purpose of creating a better tomorrow. For us, this is The Power of YOU and it ensures that we live what we believe.
Explore Experian's award winning 'people first' culture.
Being part of Experian is exciting. Every day brings new challenges, new opportunities, new ways for us to do what we do best: using our innovative technologies and data to work in new and surprising ways. All brought together in a single thought: Discover the Unexpected.
Learn moreRecommended Jobs
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Serasa Experian
Remote working available
No
Description
Job description Esta posição é responsável por supervisionar todas as atividades em andamento relacionadas ao desenvolvimento, implementação, manutenção e adesão às políticas e procedimentos globais q
Reference
c76cf7cc-53cd-4d03-bdef-4b5da828a041
Expiry Date
01/01/0001
Salary
Location
Blumenau, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Blumenau
Role Type
Hybrid
Schedule
Full Time
Department
Sales & Business Development
Brand
PagueVeloz
Remote working available
No
Description
Atuar de forma analítica, estratégica e proativa na operação da PagueVeloz, promovendo a melhoria contínua dos processos, utilizando dados para gerar insights e apoiar a tomada de decisões. Ser referê
Reference
a58f0171-40d2-4930-8723-899172d30e75
Expiry Date
01/01/0001
Salary
Location
Bogotá, Colombia
Experience Level
Not Applicable
Employment
Permanent
Location
Bogota
Role Type
Hybrid
Schedule
Full Time
Department
Analytics
Brand
Experian
Remote working available
No
Description
Propósito del cargo:Apoyar en la generación de insights a partir del análisis y transformación de datos, identificando patrones y oportunidades de mejora para convertirlos en recomendaciones accionabl
Reference
961fb9a3-3012-4787-aff2-aa7ef3659868
Expiry Date
01/01/0001
Salary
Location
Recife, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Recife
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Serasa Experian
Remote working available
No
Description
Documentar, otimizar e manter especificações, componentes, código-fonte, módulos e recursos das funcionalidades desenvolvidas. Code Review de demais integrantes da squad, reforçando a importância da q
Reference
626ad410-6f06-4312-b18d-71cd5890534a
Expiry Date
01/01/0001
Salary
Location
Hyderabad, India
Experience Level
Not Applicable
Employment
Permanent
Location
Hyderabad
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
About the Role:Experian is looking for an experienced Scrum Master to join our dynamic team. You will facilitate Agile ceremonies, remove impediments, and support Scrum teams while also handling light
Reference
96a35f61-1978-469f-bd2d-cf8aa27aa9df
Expiry Date
01/01/0001
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hybrid
Schedule
Full Time
Department
Data Management
Brand
Serasa Experian
Remote working available
No
Description
Nossa área está no escopo da ISO-9001, com processos descritos e bem definidos, e estamos em busca de pessoas dispostas a aprender as regras de negócio, ferramentas utilizadas e capacidade de articula
Reference
5921c791-971b-4bfd-af60-6dc5fc6b1f86
Expiry Date
01/01/0001
Salary
Location
Hyderabad, India
Experience Level
Not Applicable
Employment
Permanent
Location
Hyderabad
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
We are looking for a experienced Azure Cloud DevOps Engineer to join our team. You have a strong background in DevOps practices, cloud solutions, and network engineering in Microsoft Azure. Your role
Reference
44b87338-6d03-4e19-b0ba-2a3c6a935976
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
As a Digital Analytics Specialist, you will help guide data-driven decision-making within our global platform and product teams.Reporting into Senior UX Researcher your primary responsibility will be
Reference
dfdb6f47-4830-4b0b-ad13-4e2265708d70
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
We are looking for Senior Software Engineer with Java to join PowerCurve Collections Software Engineering Group. PowerCurve® Collections is our debt management system that enables our clients to maxi
Reference
537303d1-38da-4e37-a172-94dd9f5334ea
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Finance
Brand
Experian
Remote working available
No
Description
As a Junior Financial Analyst you will provide support to the assigned region across management and general accounting, financial analysis, reporting, forecasting and the conversion of data into manag
Reference
9499bef8-cb4f-4e99-9024-d2f90bd5d6bc
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Experian
Remote working available
No
Description
Reporting to the Senior Controls Testing Manager, the Global ICFR Testing Manager will drive the testing methodology, including the risk assessment, planning and execution of assurance activity over c
Reference
56648468-f5be-4721-883b-5ed9efa971fb
Expiry Date
01/01/0001
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hub
Schedule
Full Time
Department
Sales & Business Development
Brand
Serasa Experian
Remote working available
No
Description
Área: PMESubárea: Inside SalesResumo da função: Este profissional realizará vendas de produtos digitais via canais de voz e digitais, prospectará novos clientes B2B (empresas), apresentará soluções d
Reference
ceaee15c-e815-43aa-ae54-b659917c8bac
Expiry Date
01/01/0001
Salary
Location
Cyberjaya, Malaysia
Experience Level
Internship
Employment
Contract
Location
Cyberjaya
Role Type
Hybrid
Schedule
Full Time
Department
Human Resources
Brand
Experian
Remote working available
No
Description
What you’ll need to bring to the roleIdentifying improvements and document stakeholder needs and business requirementsResearch, analyse and interpret complex information to support the redesign of an
Reference
cb09156e-74d9-45e3-b5a2-4b5c7f83e698
Expiry Date
01/01/0001
Salary
Location
Nottingham, England
Experience Level
Not Applicable
Employment
Permanent
Location
Nottingham
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Experian
Remote working available
No
Description
The Group Risk Operational Risk Manager is an important role within the Operational Risk team which forms part of the wider Group Risk Function.Reporting into our Global Head of Operational Risk, you
Reference
ba03a05a-7f66-4e3b-ab7f-3cee3f6586f7
Expiry Date
01/01/0001
Salary
Location
London, England
Experience Level
Not Applicable
Employment
Permanent
Location
London
Role Type
Home
Schedule
Full Time
Department
Sales & Business Development
Brand
Experian
Remote working available
No
Description
Experian's B2B Go-To-Market function is looking for a Pre-Sales Consultant with deep expertise in Know Your Business (KYB), Perpetual KYB (pKYB) and KYC and Financial Crime data solutions to support o
Reference
4029f226-849a-4818-ad9d-a922a7babd72
Expiry Date
01/01/0001
Salary
Location
Sofia , Bulgaria
Experience Level
Entry Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Finance
Brand
Experian
Remote working available
No
Description
Тhe Credit Controller makes sure that all Experian clients are paying on time. Also, reporting to the Account Receivable Supervisor you will work for reducing the aged debt and maximize the cash colle
Reference
370aa8c0-8e41-4b51-82f6-b98b4acb30ec
Expiry Date
01/01/0001