Consultant, ISO27001 Implementer

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

The Information Security Consultant is a key member of the GCC team, working alongside the Internal stake holders to ensure 100% compliance from an information security perspective. This role is a crucial part of the Global Information Security Officer (ISO) program. Specifically, this position involves performing the duties of an ISO for GCC locations, all operated from GCC Bangalore.

What You'll Bring:

• Enhance maturity of Information Security within GCC aligned with Global Information Security strategy and regulatory commitments.
• Ensure consistent execution of services, process standards or operational plans.
• Proactively identify and provide support for Vulnerability Management related functions, staying abreast of current vulnerability trends in the industry and addressing new security issues as they are identified.
• Participate in various internal/external customer audits and represent the organization before local regulatory entities.
• Participate in Global Information Security initiatives as a stakeholder to ensure alignment with global security strategies and roadmap. Lead and implement these changes (people, process and technology) within GCC.
• Communicate vertically and horizontally across the company to keep all stakeholders informed, involved and engaged on Information Security matters.
• Produce key performance indicator (KPI) metrics for further tracking and reporting on performance; Provide reporting to GCC Information Security Head on operational performance and status of initiatives. Develop and maintain partnerships with key partners to ensure that service levels are met.
• Assess potential systems and process vulnerabilities to determine security infrastructure requirements.
• Develop/implement policies and procedures to prevent unauthorized access.
• Educate and communicate security requirements and procedures to users and new employees.
• Research security trends, new methods and techniques used in unauthorized access of data to preemptively reduce the possibility of system breach.
• Provide guidance and direction on best practices for the protection of information.
• Ensure compliance with regulations and privacy laws as applicable. Will oversee internal or external systems security (i.e., cloud services). 

Impact You'll Make:

• 5-8 years’ experience in Information Security.
• Hands on experience for implementing and managing ISO 27001-2022 for large organization.
• Experience on internal and external audits for information security perspective
• Review the vulnerability assessment report and follow up with the stakeholders for remediation.
• Conduct security awareness program across the locations and improve the awareness of associates
• Experience with IT Security compliance, privacy, and risk remediation programs based on ISO, PCI, SOC and relevant compliance and regulatory standards.
• Review various compliance reports and follow up with stakeholders for remediation.
• Ability to communicate and report detailed project status to senior management and peers.
• Willing to travel whenever required
• Recognized industry qualifications such as: CISSP, CCISO, Certificate of Cloud Security Knowledge, CISM etc.

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Consultant, InfoSec Risk Management & Governance