Match score not available

Sr. Control Assurance Assessor

extra holidays - fully flexible
Remote: 
Full Remote
Salary: 
6 - 27K yearly
Experience: 
Senior (5-10 years)
Work from: 

Offer summary

Qualifications:

Bachelor's degree in computer science or related field., 3+ years of IT Audit or security control testing experience., 5+ years in Information Security or IT., Professional certification such as CISA, CISM or equivalent..

Key responsabilities:

  • Conduct security control assessments from planning to reporting.
  • Develop test plans and document findings.
Experian logo
Experian Information Technology & Services XLarge http://www.experianplc.com/
10001 Employees
HQ: Costa Mesa
See more Experian offers

Job description

Company Description

About us, but we'll be brief

Experian is the world's leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. Also, for the last five years we've been listed as one of the 100 "World's Most Innovative Companies" by Forbes Magazine.

Job Description

What you'll do

Our Controls Assurance Testing Team is looking for an individual contributor for the Senior Control Assurance Assessor with expertise in data-driven testing techniques. You will report to the Information Security Control Assurance Testing Manager. You will be offered the opportunity to provide second-line defense assurance services, ensuring that security controls are robustly designed and implemented to safeguard Experian's assets.

Summary of Primary Responsibilities

  • Conduct security control assessments, managing the process from planning through to reporting, including, understanding controls in scope, gathering assets populations and selecting samples, planning the assessment, evaluating whether the controls are designed and working as intended, writing issues and communicating the issues, and reporting on the test results.
  • Develop test plans, test cases/steps, and procedures, using data from security tools to capture evidence.
  • Use queries and dashboards to identify potential control failures.
  • Ensure the accuracy and timely completion of control testing, providing peer review.
  • Document findings, including root cause analysis and recommendations for remediation.
  • Be the primary liaison with team members, delivering clear progress updates and results.
  • Contribute to the efficiency of the control testing program by establishing measurable indicators, standardizing testing materials, and integrating partner feedback for improvement.

Qualifications

What your background is

  • A bachelor's degree in computer science, management information systems, or a relevant field, or equivalent demonstrable experience.
  • 3+ years' experience performing IT Audit or security control testing.
  • 5+ years' of experience in Information Security or Information Technology.
  • Demonstrated experience in conducting security control testing and evaluations within an internal audit framework.
  • Knowledge of internal audit methodologies, including risk assessment, planning, execution, and reporting.
  • Hold a professional certification such as CISA, CISM, CISSP, PCI QSA, ISO 27001 Lead Auditor, or equivalent.
  • Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001/27002).
  • Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws.
  • Experience with sector-specific frameworks (e.g., HIPAA, PCI).

Technical skills

  • Knowledge of security tools such as Sailpoint, Rapid7, Wiz.io, MS Defender, SIEM, vulnerability management, and penetration testing tools.
  • Familiarity with cloud concepts and technologies, AWS and Azure
  • Experience using generative AI such as Chat GPT to create test strategies, reports, and communications.
  • Proficiency in automation and analytics tools (e.g., Excel, Tableau, Alteryx, and PowerBI).
  • Experience creating queries and reports using RSA Archer and ServiceNow.
  • Familiarity with Kanban boards and Jira.

Desired Competencies:

  • Experience with cybersecurity principles and organizational requirements.
  • Apply governance, risk, and control principles.
  • Proficiency in both automated and manual testing of information security controls.
  • Facilitate small group meetings and communication of complex ideas.
  • Collect, validate, analyze, and translate test data into evaluative conclusions.
  • Research and application of knowledge about new technologies.
  • Agile working methodology experience.

Additional Information

This is a permanent remote home-based role in Costa Rica. No relocation available.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is a critical part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.

#LI-ML2 #LI-Remote

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Analytical Thinking
  • Teamwork
  • Communication
  • Problem Solving

Related jobs