What We'll BringTransUnion’s Marketing Solutions help businesses better understand evolving consumer preferences and behaviors so they can provide more personalized experiences and relevant offers. This includes audience creation, resolving identities and augmenting direct mail with digital marketing. Protection of this information is critical for our customers and business. As the Information Security Officer (ISO) for TU’s Marketing Solutions business unit, you will be the primary point-of-contact between TU’s Information Security and the business-specific technology, system / platform / application owners, and executive leadership. This includes assisting Marketing Solutions’ technology migration to TU’s cloud tenant, managing and maintaining business-specific information security needs, and addressing regulatory-related risks.
What You'll Bring7+ years of experience working in risk management, governance, and regulatory requirements related to cybersecurity with a specific focus on business outcomes and service delivery
2+ years of experience in cloud security, preferably Amazon AWS
Experience in working with and preferably leading cross functional teams on a project-by-project basis
Demonstrated ability as an action-oriented problem solver in complex technology and organizational environments
Experience in presenting to senior technology and information security executives and in influencing stakeholders to achieve strategic objectives
Experience in working with industry frameworks and standards such as SSAE18, PCI, ISO 27001/27002, NIST CSF, and NIST 800-53
A BA/BS degree in a technology related field
Information Security (CISSP, CISA, Security +) and cloud (AWS CCP) certification preferred
Ability to travel domestically up to 15% of time
Impact You'll MakeBusiness Unit Enablement: Enable TU’s Marketing Solutions function by leading information security and technology projects across international teams and locations. Acting as a subject matter expert between Information Security and the business, you will ensure compliance with BU-specific security requirements for cloud based and on-premises information technology systems. By maintaining a deep understanding of BU applications and technical architecture, you will partner with BU executive leadership to advise on information security risks and align funding requirements with strategic initiatives.
Incorporate Security into Key Programs/Projects: Advise on multiple workstreams related to process and technology migration to TU-based cloud environments. Own and independently manage a portfolio of security projects in support of our overall Information Security strategy and technology annual objectives. Assist the broader Information Security department with timelines, resources, budget and vendors/consultants. Communicate with senior management regarding project obstacles and take ownership of their resolution to continue progress towards deliverables and timelines. Projects managed are typically less than one year with majority completed in three to nine months.
Maintain BU-specific Regulatory Compliance: Lead and execute complex information security assessments that require both analytical and technical skills across a broad range of Information Technology topics to maintain compliance with BU requirements. Consistently follow approved risk assessment methodologies and according to risk framework(s) defined by Information Security. Develop an understanding of business goals and reframe risk discussions in business terms, while establishing risk ownership and accountability within Marketing Solutions.
Trusted Relationships: As the primary liaison between Information Security and Marketing Solutions, participate in cybersecurity and business-related councils or working groups as necessary. Educate stakeholders on cybersecurity-related matters in an effort to increase awareness and improve culture. Constructively engage business partners regarding cybersecurity. Produce concise project status reports and presentations on a timely basis. Ensure that challenges as well as successes are clearly communicated to team members, stakeholders, and sponsors.
Resolution of Issues & Escalations: As needed, act as an intermediary for escalations from TU’s security operations center or other cybersecurity teams to ensure that security issues such as critical patches or responses to security events are addressed in a timely manner and appropriately communicated to Marketing Solutions’ business and technology leaders.