TransUnion

Information Security Analyst _ penetration testing

Posted 3 Hours Ago

Be an Early Applicant

2 Locations

Hybrid

Mid level

Big Data • Fintech • Information Technology • Business Intelligence • Financial Services • Cybersecurity • Big Data Analytics

The Role

The role involves conducting penetration testing, vulnerability assessments, and application security scans, while collaborating with development teams to enhance security within CI/CD pipelines and ensure compliance with security standards.

Summary Generated by Built In

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

We are seeking a security analyst to join CIBIL Information Security team to support annual penetration testing, ongoing vulnerability assessments, and application security scanning across our environment. The role will collaborate closely with development teams to embed DevSecOps practices, drive timely remediation of vulnerabilities, and ensure compliance with regulatory and threat‑intelligence advisories. Responsibilities include maintaining security baselines for infrastructure and leveraging tools such as Rapid7, Burp Suite, Checkmarx, and Seeker to strengthen our overall security posture.

What You'll Bring:

Support the annual penetration testing program for both existing systems and new go‑live applications, ensuring timely remediation of identified risks.
Execute periodic internal and external vulnerability assessment (VA) scans, analyze discovered vulnerabilities, and provide clear reporting to stakeholders for timely closure.
Support Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) scans, driving application teams to identify, prioritize, and resolve security weaknesses.
Collaborate with development teams to embed security controls into CI/CD pipelines (DevSecOps) and promote secure coding practices across the SDLC.
Support regulatory and compliance-driven security advisories, ensuring vulnerabilities identified through external mandates are remediated within required timelines.
Assist in remediation activities triggered by threat intelligence and VTM advisories, including evaluation of reported exploits, zero-day vulnerabilities, and their applicability to the organization.
Conduct periodic security baseline reviews for network devices, operating systems, and infrastructure components to ensure configuration compliance.
Utilize and maintain proficiency with key security tools such as Rapid7, Burp Suite, Checkmarx, and Seeker, using them to strengthen the organization’s vulnerability management and application security posture.

Impact You'll Make:

Maintain and enhance dashboards, reporting mechanisms, and metrics for vulnerability management, providing leadership with visibility into risk trends, remediation progress, and compliance adherence.
Assist in establishing and continuously improving secure coding standards, development guidelines, and security guardrails aligned with industry best practices.
Contribute to audit and compliance programs (e.g., ISO, SOC 2, regulatory reviews) by providing evidence, documentation, and remediation tracking for security‑related controls.
Stay updated with emerging threats, new tools, and evolving security techniques, advising teams on adoption of modern, efficient, and scalable security practices.

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Analyst, InfoSec Risk Management & Governance

Top Skills

Burp Suite

Checkmarx

Rapid7

Seeker

What the Team is Saying

View all jobs at TransUnion

View TransUnion Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Chicago, IL

13,000 Employees

Year Founded: 1968

What We Do

TransUnion is a global information and insights company that makes trust possible by ensuring that each consumer is reliably and safely represented in the marketplace.

We do this by having an accurate and comprehensive picture of each person.

This picture is grounded in our legacy as a credit reporting agency which enables us to tap into both credit and public record data; our data fusion methodology that helps us link, match and tap into the awesome combined power of that data; and our knowledgeable and passionate team, who stewards the information with expertise, and in accordance with local legislation around the world.

Because of our work, organizations can better understand consumers in order to make more informed decisions, and earn their trust through great, personalized experiences, and the proactive extension of the right opportunities, tools and offers. In turn, consumers can be confident that their data identities will result in the opportunities they deserve.

We make trust possible, so businesses and consumers can transact with confidence and achieve great things. We call this Information for Good®—it’s our purpose, and what drives us every day.

Why Work With Us

Our culture is welcoming, energetic and innovative. There’s an overall synergy that flows throughout TransUnion, creating a sense of unity in knowing that we’re all working to achieve the same overall goal. We’re dedicated to providing opportunities for our people to get involved and stay connected with their colleagues across the globe.