Senior Director, Information Security
Overview
The Chief Security Architect (CSA) is a crucial role within TransUnion’s (TU) InfoSec organization, responsible for the continuous evolution and implementation of our enterprise security strategy in partnership with InfoSec leadership team. To achieve this mission, CSA will be responsible for working with Cyber Security leadership and teams to ensure that TU security platforms and services are designed and implemented to delivery maximum value. CSA will also work closely with Enterprise Architecture and technology leaders across the organization to enable and safeguard TU’s business direction; TU is a rapidly growing global company, CSA will need to drive a scalable security strategy that allows the company to move quickly yet deliver consistently strong security and protection of TU’s data. This position will be highly visible across the company, including at executive leadership levels.
What you'll bring
• Possesses a deep and broad Information Security background.
• Considers themselves a forward leaning and naturally curious technologist at heart and has a hands-on technology background.
• Can straddle traditional/legacy (Data Center, physical infrastructure) and modern/next-gen technology (Cloud, IaaS, DevSecOps) constructs simultaneously and develop a cohesive service delivery strategy.
• Feels comfortable with and champions emerging technologies and is keen to prototype new ways to getting results; technology/solution agnostic, brings to bear what is needed to achieve the desired outcome.
• Has an affinity for optimization and always strives to improve delivery of services through automation of technology and traditionally manual processes.
• Can take complex technical constructs and articulate them clearly in non-technical, business terms to senior level, including executive, audiences.
• Works seamless across organizational boundaries and is able to influence peers/external business leaders on security matters.
• Takes pride in being a leader and elevating everyone around them, even if not in direct line reporting relationship, through coaching and mentorship.
• Thinks in terms of Product and Service Delivery, strives to understand who their customers are, and focuses on designing strategy and solutions to meet their needs.
How you'll contribute
• Lead a team of Architects that deliver security consulting to the business and provide a solutions architecture/security technology leadership function.
• Develop architecture standards and provide technical oversight for systems and projects that are required to be globally scaled and highly available.
• Own and mature security capability roadmap to align with current needs and future technology direction, including move to Cloud, IaaS, and microservices.
• Develop Security Reference Architecture to enable TransUnion’s technology journey.
• Act as accountable party, in partnership with CISO and InfoSec sr. leadership, for security posture of the company.
• Partner with Enterprise Architecture to drive security into TransUnion’s strategic technology planning.
• Work directly with leaders of application development organizations to continuously mature security engagement (tools and process) with Product teams; consistently assess and mature SDLC security controls.
• Interface with regulatory and compliance bodies, internal and external, to represent security posture and strategy.
• Lead and mentor team members, including coaching junior engineers and architects.
• Stay up to date on new tools & techniques and act as driver of innovation into InfoSec and IT.
• Conduct proof-of-concept and prototyping activities.
Additional Requirements:
• 10+ years of experience designing and delivering large-scale security solutions utilizing a mixture of hardware and software technologies, across a broad array of security disciplines.
• 5-7 years of experience in a leadership role with full accountability for large scale implementation in large, heavily matrixed organizations.
• Demonstrated experience acting as point person for interaction with regulatory and compliance bodies.
• 3-4 years demonstrated experience leading design and implementation of technologies in public cloud (AWS preferred).
• 3-4 years of designing and delivering security solutions in an environment that embraces DevOps and IaaS concepts and common technologies, with a focus on pipeline security automation (DevSecOps) and securing SDLC.
• Knowledge base that spans broadly across IT constructs, including software development, hardware, systems administration, and operations.
• Demonstrated experience working in and influencing priority decisions in an Agile environment.