The GRC Alignment and Engagement Sr. Advisor sits on the Technology GRC leadership team and plays a pivotal role in ensuring the seamless operation and strategic alignment of the organization's security initiatives. This position includes training and communication of security policies, ensuring risk assessment processes deliver on objectives, and making sure our company meets its compliance obligations with minimal friction. This role acts as a liaison between various departments within and outside of Information Security, facilitating communication and collaboration to enhance the organization's security posture. Responsibilities include coordinating security audits, preparing reports for senior management, and driving continuous improvement in security practices. Strong leadership, analytical skills, problem solving, and a solid understanding of information security principles are essential for success in this role.

What You'll Bring:

• 8+ years of experience in Information Security, IT Risk, IT or Cyber Program Management
• Demonstrated experience in cybersecurity risks and controls across key frameworks such as NIST CSF, CIS, ISO27001, PCI-DSS, etc.
• Bachelor's degree in IT, Computer Science, Business, or relevant field
• Strong problem-solving skills
• Excellent verbal and written communication
• Strong customer-focused attitude with the ability to listen, understand and respond timely to customers
• Engineering mind-set - We want to solve problems and challenges, not just raise them. The ideal candidate will have an engineering mindset where we create solutions and add value continuously.

Impact You'll Make:

Strategic Leadership:

• Work closely with the Information Security leadership to define/refine the overall cybersecurity vision and roadmap, particularly for GRC.
• Develop and communicate strategic priorities, ensuring alignment with business objectives.

Program Enablement and Management:

• Oversee the key GRC programs, including risk assessments, compliance audits, and policy development, ensuring risks/issues are identified and actioned.
• Ensure key requirements or risk mitigation activities are tracked, monitored and reported.
• Coordinate with internal and external stakeholders on GRC initiatives.

Training and Awareness:

• Collaborate with Infosec stakeholders to identify and implement ways to enhance security awareness across the organization
• Support security training initiatives including annual and targeted trainings
• Foster a security and risk aware culture across the organization.

Compliance:

• Oversee the execution of compliance assessment ensuring risks/issues and status are reported
• Partner with Legal and Compliance to evaluate future compliance requirements, and ensure initiatives are created to track any needed enhancements

Stakeholder Engagement:

• Engage with executive leadership, business units, and external partners.
• Provide regular updates on cybersecurity performance and initiatives.
• Drive cross-functional collaboration to achieve cybersecurity goals.

Metrics:

• Help define/refine key metrics used to evaluate overall program goals/objectives
• Track/report on KRIs and KPIs

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

Benefits:

TransUnion provides flexible benefits including flexible time off for exempt associates, paid time off for non-exempt associates, up to 12 paid holidays per year, health benefits (including medical, dental, and vision plan options and health spending accounts), mental health support, disability benefits, up to 12 weeks of paid parental leave, adoption assistance, fertility planning coverage, legal benefits, long-term care insurance, commuter benefits, tuition reimbursement, charity gift matching, employee stock purchase plan, 401(k) retirement savings with employer match, and access to TransUnion's Employee Resource Groups. Spousal, domestic partner, and other eligible dependent coverage is available on select health and welfare plans.

We are committed to being a place where diversity is not only present, it is embraced. As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, genetic information, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.

Pay Scale Information :

The U.S. base salary range for this position is $142,500.00 - $237,500 annually. *The salary range for this position reflects a reasonable estimate of the range of compensation for this job. At TransUnion, actual compensation is based on careful consideration of additional factors such as (but not limited to) an individual's education, training, work experience, job-related skill set, location, and industry knowledge, as well as the scope and responsibilities of the position and market considerations.

Regular, fulltime non-sales positions may be eligible to participate in TransUnion's annual bonus plan. Certain positions may be also eligible for long-term incentives and other payments based on applicable company guidance and plan documents.

TransUnion's Internal Job Title:
Sr Advisor, InfoSec Risk Management & Governance