Security Analyst – Risk, Applications & Infrastructure
- Heredia
- Product Development
- Permanent
- Hybrid
- Full Time
This vacancy has now expired. Please see similar roles below...
Experian Employer Services, Verifications, and Housing (EVH) is seeking a motivated professional to join its product information security team as a Security Analyst focused on managing risks and vulnerabilities for both applications and infrastructure within a cloud-first environment. The Security Analyst will play a critical role in safeguarding the integrity, resilience, and compliance of Experian’s IT systems, ensuring alignment with regulatory and security frameworks.
This role will integrate security practices across product, infrastructure and application layers, assessing vulnerabilities and implementing best practices to mitigate risks. Additionally, this position will support security audits and compliance efforts by evaluating systems against established control frameworks, identifying deficiencies, and driving remediation efforts.
You will collaborate closely with our partner teams as well as product, applications, and platform teams to implement security controls, audit compliance, and enhance security governance. The ideal candidate has experience in security controls, IT audits, risk management, vulnerability management, and cloud security, with the ability to work collaboratively across multiple teams.
Key Responsibilities
- Risk Management & Governance:
- Identify, assess, and mitigate security risks related to IT applications and infrastructure.
- Develop and implement risk management frameworks to ensure continuous monitoring and improvement of security postures.
- Work with stakeholders to define and implement security policies and guidelines aligned with risk tolerance.
- Facilitate risk assessments and security reviews across business units and IT environments.
- Compliance & Audit Functions:
- Evaluate IT applications and infrastructure against security control frameworks (e.g., NIST, ISO 27001, CIS, SOC 2).
- Conduct internal security audits to assess compliance with corporate security policies and regulatory requirements.
- Identify gaps in security controls, document findings, and support remediation planning.
- Maintain documentation and evidence for security audits and regulatory assessments.
- Vulnerability Management:
- Collaborate with teams to analyze, categorize, and prioritize vulnerabilities based on severity, potential impact, and likelihood of exploitation.
- Track vulnerability remediation efforts and ensure timely patching and risk mitigation.
- Conduct regular security assessments of applications, APIs, cloud infrastructure.
- Security Operations & Monitoring:
- Monitor security tools and analyze logs for signs of suspicious activity, vulnerabilities, or policy violations.
- Assist with security incident response, forensic analysis, and remediation plans.
- Engage with internal and external stakeholders, including Experian’s Cyber Fusion team, to enhance security posture.
- Security Best Practices & Governance:
- Act as a Security Champion, training and mentoring teams on security best practices, secure coding, and compliance.
- Assist in tracking and improving security control effectiveness across business units.
- Promote a culture of security awareness through training and engagement programs.
- Security Technology & Automation:
- Support the integration of security tools into CI/CD pipelines to enable automated security testing.
- Utilize security tooling (SAST/SCA/DAST/CSPM/DSPM) to evaluate and improve security posture.
- Enhance API security practices and application security testing methodologies.
- Collaboration & Reporting:
- Work cross-functionally to drive security improvements.
- Generate reports for management on vulnerability status, security incidents, and audit findings.
- Ensure alignment of security initiatives with business objectives and risk tolerance.
Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. Also, for the last five years we've been named in the 100 "World's Most Innovative Companies" by Forbes Magazine. With a focus on our employees, we have been certified for the third time as Great Place To Work (GPTW). Experian Consumer Information Services is redefining the way our clients do business within the customer credit lifecycle. Fueled by the best data and technology we help businesses make smarter decisions, identify consumers, make decisions on loans, market to prospects and collect.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience).
- Industry certifications such as CISSP, CISM, CEH, CCSP, or CISA are a plus.
- Understanding of cloud platforms (AWS, Azure) and cloud security best practices.
- Experience with vulnerability scanning and assessment tools for applications and infrastructure.
- Familiarity with security frameworks and compliance standards (NIST, ISO 27001, SOC 2, CIS Benchmarks).
- Proficiency in security testing, penetration testing, and vulnerability analysis.
- Knowledge of security monitoring tools, intrusion detection systems, and SIEM solutions.
- Ability to assess security risks, prioritize vulnerabilities, and recommend remediations.
- Experience conducting security audits and control evaluations.
- Strong problem-solving skills and ability to work collaboratively in cross-functional teams.
- Effective written and verbal communication skills for both technical and non-technical audiences.
This is a permanent remote home-based role in Costa Rica. No relocation available.
Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is a critical part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
#LI-ML2 #LI-Remote
Explore Experian's award winning 'people first' culture.
Being part of Experian is exciting. Every day brings new challenges, new opportunities, new ways for us to do what we do best: using our innovative technologies and data to work in new and surprising ways. All brought together in a single thought: Discover the Unexpected.
Learn moreRecommended Jobs
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Serasa Experian
Remote working available
No
Description
Job description Esta posição é responsável por supervisionar todas as atividades em andamento relacionadas ao desenvolvimento, implementação, manutenção e adesão às políticas e procedimentos globais q
Reference
c76cf7cc-53cd-4d03-bdef-4b5da828a041
Expiry Date
01/01/0001
Salary
Location
Blumenau, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Blumenau
Role Type
Hybrid
Schedule
Full Time
Department
Sales & Business Development
Brand
PagueVeloz
Remote working available
No
Description
Atuar de forma analítica, estratégica e proativa na operação da PagueVeloz, promovendo a melhoria contínua dos processos, utilizando dados para gerar insights e apoiar a tomada de decisões. Ser referê
Reference
a58f0171-40d2-4930-8723-899172d30e75
Expiry Date
01/01/0001
Salary
Location
Bogotá, Colombia
Experience Level
Not Applicable
Employment
Permanent
Location
Bogota
Role Type
Hybrid
Schedule
Full Time
Department
Analytics
Brand
Experian
Remote working available
No
Description
Propósito del cargo:Apoyar en la generación de insights a partir del análisis y transformación de datos, identificando patrones y oportunidades de mejora para convertirlos en recomendaciones accionabl
Reference
961fb9a3-3012-4787-aff2-aa7ef3659868
Expiry Date
01/01/0001
Salary
Location
Recife, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Recife
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Serasa Experian
Remote working available
No
Description
Documentar, otimizar e manter especificações, componentes, código-fonte, módulos e recursos das funcionalidades desenvolvidas. Code Review de demais integrantes da squad, reforçando a importância da q
Reference
626ad410-6f06-4312-b18d-71cd5890534a
Expiry Date
01/01/0001
Salary
Location
Hyderabad, India
Experience Level
Not Applicable
Employment
Permanent
Location
Hyderabad
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
About the Role:Experian is looking for an experienced Scrum Master to join our dynamic team. You will facilitate Agile ceremonies, remove impediments, and support Scrum teams while also handling light
Reference
96a35f61-1978-469f-bd2d-cf8aa27aa9df
Expiry Date
01/01/0001
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hybrid
Schedule
Full Time
Department
Data Management
Brand
Serasa Experian
Remote working available
No
Description
Nossa área está no escopo da ISO-9001, com processos descritos e bem definidos, e estamos em busca de pessoas dispostas a aprender as regras de negócio, ferramentas utilizadas e capacidade de articula
Reference
5921c791-971b-4bfd-af60-6dc5fc6b1f86
Expiry Date
01/01/0001
Salary
Location
Hyderabad, India
Experience Level
Not Applicable
Employment
Permanent
Location
Hyderabad
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
We are looking for a experienced Azure Cloud DevOps Engineer to join our team. You have a strong background in DevOps practices, cloud solutions, and network engineering in Microsoft Azure. Your role
Reference
44b87338-6d03-4e19-b0ba-2a3c6a935976
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
As a Digital Analytics Specialist, you will help guide data-driven decision-making within our global platform and product teams.Reporting into Senior UX Researcher your primary responsibility will be
Reference
dfdb6f47-4830-4b0b-ad13-4e2265708d70
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Product Development
Brand
Experian
Remote working available
No
Description
We are looking for Senior Software Engineer with Java to join PowerCurve Collections Software Engineering Group. PowerCurve® Collections is our debt management system that enables our clients to maxi
Reference
537303d1-38da-4e37-a172-94dd9f5334ea
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Finance
Brand
Experian
Remote working available
No
Description
As a Junior Financial Analyst you will provide support to the assigned region across management and general accounting, financial analysis, reporting, forecasting and the conversion of data into manag
Reference
9499bef8-cb4f-4e99-9024-d2f90bd5d6bc
Expiry Date
01/01/0001
Salary
Location
Sofia, Bulgaria
Experience Level
Mid-Senior Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Experian
Remote working available
No
Description
Reporting to the Senior Controls Testing Manager, the Global ICFR Testing Manager will drive the testing methodology, including the risk assessment, planning and execution of assurance activity over c
Reference
56648468-f5be-4721-883b-5ed9efa971fb
Expiry Date
01/01/0001
Salary
Location
São Paulo, Brazil
Experience Level
Not Applicable
Employment
Permanent
Location
Sao Paulo
Role Type
Hub
Schedule
Full Time
Department
Sales & Business Development
Brand
Serasa Experian
Remote working available
No
Description
Área: PMESubárea: Inside SalesResumo da função: Este profissional realizará vendas de produtos digitais via canais de voz e digitais, prospectará novos clientes B2B (empresas), apresentará soluções d
Reference
ceaee15c-e815-43aa-ae54-b659917c8bac
Expiry Date
01/01/0001
Salary
Location
Cyberjaya, Malaysia
Experience Level
Internship
Employment
Contract
Location
Cyberjaya
Role Type
Hybrid
Schedule
Full Time
Department
Human Resources
Brand
Experian
Remote working available
No
Description
What you’ll need to bring to the roleIdentifying improvements and document stakeholder needs and business requirementsResearch, analyse and interpret complex information to support the redesign of an
Reference
cb09156e-74d9-45e3-b5a2-4b5c7f83e698
Expiry Date
01/01/0001
Salary
Location
Nottingham, England
Experience Level
Not Applicable
Employment
Permanent
Location
Nottingham
Role Type
Hybrid
Schedule
Full Time
Department
Legal & Compliance
Brand
Experian
Remote working available
No
Description
The Group Risk Operational Risk Manager is an important role within the Operational Risk team which forms part of the wider Group Risk Function.Reporting into our Global Head of Operational Risk, you
Reference
ba03a05a-7f66-4e3b-ab7f-3cee3f6586f7
Expiry Date
01/01/0001
Salary
Location
London, England
Experience Level
Not Applicable
Employment
Permanent
Location
London
Role Type
Home
Schedule
Full Time
Department
Sales & Business Development
Brand
Experian
Remote working available
No
Description
Experian's B2B Go-To-Market function is looking for a Pre-Sales Consultant with deep expertise in Know Your Business (KYB), Perpetual KYB (pKYB) and KYC and Financial Crime data solutions to support o
Reference
4029f226-849a-4818-ad9d-a922a7babd72
Expiry Date
01/01/0001
Salary
Location
Sofia , Bulgaria
Experience Level
Entry Level
Employment
Permanent
Location
Sofia
Role Type
Hybrid
Schedule
Full Time
Department
Finance
Brand
Experian
Remote working available
No
Description
Тhe Credit Controller makes sure that all Experian clients are paying on time. Also, reporting to the Account Receivable Supervisor you will work for reducing the aged debt and maximize the cash colle
Reference
370aa8c0-8e41-4b51-82f6-b98b4acb30ec
Expiry Date
01/01/0001