Director of Information Security ( USIS Customer Compliance )

Equifax   •  

Alpharetta, GA

5 - 7 years

Posted 186 days ago

Essential Job Functions:

  • Report to the Information Security Officer of USIS Customer Compliance and be strategically involved in key security decision making for the Business Unit

  • Understand how to manage a securityevent and crisis

  • Serve as the key point of contact for security incidents for Business Unit

  • Respond to customer calls related to security incidents and othersecurity related compliance requests

  • Proactively manage annual security compliance requests for customers and partners

  • Assist with proactive customer communications on material securityevents/threats and remediation efforts  (e.g. virus outbreak )

  • Perform quality reviews of customer/Partner questionnaires, RFP, and other customer security compliance related deliverables

  • Assist with maintaining and updating artifacts for customer audits

  • Lead  security process enhancement efforts to ensure alignment with business and IT requirements

  • Conduct acceptable use audits and security policy and good practice trainings

  • Assist with development of security collateral for key products and services

  • Collect and analyze internal/external customer feedback on experience of Security for opportunity for enhancement

  • Provide advice and counsel to the business executives regarding key initiatives that could be impacted by compliance, risk or security issues

    Skills and Requirements:

  • Bachelor's degree or an equivalent combination of education and experiencerequired

  • 6-8years of securityexperience
  • Understand Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), SSAE-16 attestations, ISO 27001 Standards, Payment Card Industry Data Security Standard (PCI DSS), NIST Standards, standard security practices, current and emerging privacy and security regulations .

  • Strong communication skills including strong verbal presentation skills.  Able to present and communicate at all levels of the organization including senior management

  • Strong ability to translate complex technical security concepts into business-friendly communications

  • Strong ability to build and maintain trusting relationships with internal and external customers

  • Viewed as an expert in information security with strong analytical skills who is able to interpret complex information and adapt as needed

  • Experience working in matrix environment with globally diverse team members

  • Regularly makes decisions that is guided by policies, procedures and/or guidelines from which there is some discretion to depart

  • Ability to work under pressure

  • CISSP , CISM or related certification is a strong plus

    Personal Qualities:

  • Leadership in intellectual engagement, work ethic; quality of work product

  • Good judgment, integrity and follow through on commitments

  • Team player who actively collaborates and commits to success of others.

  • Pitches in where necessary to support team success

  • Exhibits self-motivation to perform to the highest standard of excellence

  • Results Focused.  Focuses on the critical objectives that add the most value and consistently delivers results that meet or exceed expectations

  • Relentlessly seeks, shares and adopts ideas and best practices in and outside the company and embraces change introduced by others

Job Number:J00061232