Information Security Contracts Advisor at TransUnion
What We'll Bring:
Dynamics of the Role
At TransUnion, we know that finding the right people is the reason we’re a global leader in credit information and information management services. We strive to provide an environment that allows our talented people to find success and satisfaction. Now, we’re adding to the team and seeking an Advisor for Global Third Party Risk Management.- In this critical role, you will work with TransUnion technology and business teams, and risk stewards such as Audit and Compliance. Externally you will work with vendors, business partners, customers, third parties and related agencies. You will be part of the Global Third Party Risk Management team and be responsible for reviewing customer and vendor contracts and developing Third Party Risk Management policy and standards.
What You'll Bring:
How You’ll Contribute:
- Review contracts, Master Service Agreements, Business Associate Agreements, Request for Proposals (RFP), Statements of Work (SOW), to determine compliance with TransUnion policies.
- Provide red lined recommendations and assess contractual risk.
- Play a key role in contract, and commercial policies and processes development.
- Provide guidance and training on contract-related matters to stakeholders across the organization.
- Promote a risk-aware culture, with effective risk and compliance management practices.
- Support projects that help improve the assessment process and support our overall Third Party Risk Management strategy.
Impact You'll Make:
What You’ll Bring:
- 5 – 7 years of information technology experience, preferably with Information Security responsibilities.
- Bachelor’s degree in computer science, management systems or related field.
- Familiarity with current information security technologies and past experience in: Identity and Access Management, Application Security, Infrastructure Security, System & Data Security, Physical and Environmental Security, Business Continuity/Disaster Recover, and Regulatory/Standard Compliance.
- Familiarity with industry frameworks and standards such as SSAE18, PCI, and ISO 27001/27002.
- Information Security (CISSP, CISA, Security +) certification is preferred.
- Proficiency in Microsoft Office Suite (especially PowerPoint and Excel) and Microsoft Project.
- Strong interpersonal, written, and oral communication skills. Ability to effectively communicate at all levels of the organization
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.