TransUnion's Job Applicant Privacy Notice

What We'll Bring:

Senior Information Security Consultant



Senior Information Security Consultant

About TransUnion:
TransUnion is a global information and insights company which provides solutions that help create economic opportunity, great experiences and personal empowerment for hundreds of millions of people in more than 30 countries. We call this Information for Good®.

TransUnion is a major credit reference agency and we offer specialist services in fraud, identity and risk management, automated decisioning and demographics. We support organisations across a wide variety of sectors including finance, retail, telecommunications, utilities, gaming, government and insurance.

We’re looking for a Senior Consultant to join our growing Information Security team. This role is a key member of the TU UK Security Team and reports into the UK Information Security Manager. The ideal candidate will have a strong technical security background, be able to work collaboratively and pragmatically with stakeholders from across the business and will possess a strong delivery mindset. They need to be willing and able to undertake multiple projects and prioritise them appropriately using their own initiative. The role provides fantastic opportunities to work across multiple security disciplines, with huge potential for individual growth and development.

What You'll Bring:

Role Responsibilities:
• Provide oversight, guidance and subject matter expertise to technology, project and business teams.
• Proactively engage product and business owners to ensure they understand and deliver security requirements, comply with audit expectations and support risk remediation activities.
• Ensure controls are identified and implemented throughout each stage of product development and enterprise change.
• Identification, mitigation and management of security risks.
• Provide training and mentoring to team members in addition to technical workshops with key stakeholders within the technology and security teams.
• Run awareness activities to ensure continuous improvements to the security culture for the organisation.
• Review application security scans and provide remediation advice to product owners and developers.
• Evaluate the effectiveness and coverage of security products and tooling to continuously monitor and protect company assets.
• Support ISO27001, PCI DSS and other internal and external audit programmes.
• Support the continuous improvement of security policies and standards.
• Support clients with any security related queries raised.

Key Tasks:

• Working with project and product teams, providing support and guidance to ensure compliance with security policy and standards.
• Perform security assessments with recommendations to mitigate and reduce risk.
• Working with technology and security teams, driving initiatives such as vulnerability assessment and penetration testing workstreams.
• Implement and improve technical processes to create efficient and secure methodologies.
• Support the management and investigation of security events including post incident reviews in conjunction with other security teams.

Impact You'll Make:

Essential Skills & Experience:

Development experience - Java or Dot net

Security/ SAS tool (Static application )

Manual code reviews/automatic reviews

CISSP qualified, or similar qualification or proven relevant experience any kind OSCP, GWAPT will complement this

Proven track record in an IT Security role

Strong understanding of technical security risk, threat, and vulnerability management principles

Ability to drive own workload identifying risks and requirements working flexibly where required

Willingness to learn and undertake formal and informal training should it be required

It is a requirement of the Global Capability Centre Africa that you reside in a home that is fibre ready; and has space for you to be able to work comfortably and confidentially on a day-to-day basis for the purpose of your proposed employment. You can be based anywhere in South Africa and will not be able to work in a location outside of South Africa.

A Minimum of a 100 Meg Fibre line is required, should you be successful, you will need to upgrade your line in order to work effectively.

If you haven't heard from us for 3 weeks, please consider your application unsuccessful.

This is a remote position which may require occasional in-person attendance at work-related events at the discretion of management.

TransUnion Job Title

Sr Consultant, Information Security