Information Security Control Assurance Manager

Company Description

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to accomplish their financial goals and help them save time and money.

We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at experianplc.com.

• Oversee information security control testing program following Experian's risk management framework, working with teams and partners across multiple regions.
• Oversee a team of security control testers responsible for assessing information systems, platforms, and operating procedures following established corporate standards for security.
• Design repeatable testing methodologies to support control assurance testing, including automated testing steps for cloud environments.
• Ensure control tests are well-planned, including risk identification, sampling, selection of controls, testing methods, and reporting criteria.
• Compile management reports, summary analysis, and detailed presentations to describe risk, controls, and control deficiencies to multiple partners.
• Improve the efficiency of the control testing program by ensuring Goals are measurable and testing materials are standardized.

• Experience managing a team of IT auditors or Information Security control assessors.
• Experience performing IT Audit or Information Security control assessments, with specific experience testing cloud security controls.
• Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent.
• Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001/27002, CIS Controls, COBIT.
• Experience with current automated and manual industry methods for evaluating security controls on prem and in cloud environments.

• Knowledge of security controls provided by tools such as Sailpoint, Rapid7, Wiz.io, MS Defender.
• Experience with cloud security controls within environments such as AWS and Azure.
• Experience using automation, data driven testing techniques and generative AI to gain efficiency in control assurance.
• Big 4 accounting experience.
• Experience creating queries and reports using RSA Archer and ServiceNow.

• Great compensation package and discretionary bonus plan
• Core benefits include pension, bupa healthcare, sharesave scheme and more
• 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.