TransUnion's Job Applicant Privacy Notice

What We'll Bring:

TransUnion works with businesses and consumers to gather, analyze, and deliver critical information needed to build strong economies around the world. Protection of that information is critical our customers and business. As an Information Security Director, you will be responsible for leading our Information Security function across TransUnion Africa. You will drive the execution of our regional Information Security strategy through deployment of security technologies and projects, interfacing with senior IT, business, customer and regulatory leaders, and overseeing the local Information Security team. You will serve as the process owner of all assurance activities related to ensure compliance with the organization's information security policies. A key element of the role is working with executive management to determine acceptable levels of risk for the organization, identifying emerging risks and building mitigation plans. Overall, this position is responsible for a regional information security management program that spans eight African countries.

What You'll Bring:

How You’ll Contribute

Responsible for enterprise-wide security in the Business Unit, as such you will effectively be the Chief Information Security Officer for the BU, interfacing with TU’s key stakeholders in the African region and other international locations, as well as the Global Information Security group.
Operate in a matrix organization with functional alignment into Global Information Security and dotted reporting into the regional Technology organization.
Work directly with business unit leaders to facilitate risk assessment and risk management processes.
In close collaboration with local IT, PMO, and Global Information Security, drive execution of Information Security projects, including technology deployments, ongoing security assessments and other risk management activities as per TU’s Information Security strategy and plan.
Maintain and enhance an information security management system in accordance with ISO 27001 standards.
Support and develop the information security strategy, risk management initiatives, and become a trusted advisor and thought leader to meet business, client and regulatory demands.
Understand and interact with related disciplines through regulatory forums, committees, and business engagements to ensure the consistent application of policies and standards across all technology projects, systems and services
Provide leadership, oversight and performance management to the organization’s geographically distributed information security department, including coaching and motivation for high performance.
Maintain accountability for the Information Security budget in the region.
Facilitate certifications, as necessary and determined by the business or Global Information Security, for SSAE 18, PCI DSS and ISO 27001.
Partner with business stakeholders across the company to raise awareness of risk management concerns and to drive and influence their resolution.
Work within the project and resource prioritization process to ensure security projects and efforts a represented, prioritized and executed
On regular basis, report status of security posture and progress against objectives to senior management in Global Information Security and regional IT.
Maintain a thorough understanding of current security deviations, open assessment and audit findings, and vulnerabilities in TU’s security posture.
Mobilize and support regional responses to threats and incident investigations in an effective and timely manner.
In conjunction and coordination with Global Information Security, maintain and test incident response process and ensure its continued integration with regional and global escalation protocols.
Oversee the completion of security audits by customers and data providers.
Prepare and contribute in periodic communication and presentations to local TU business and functional leaders regarding regional security posture and direction.
Complete annual planning process through ownership and accountability for BU plans for Information Security that align with global strategy but reflect nuances of local needs, where appropriate.

Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems

Impact You'll Make:

What You’ll Bring

12 years+ of extensive experience in risk management, information security and IT
10 years Information Security Management
Degree in Business Administration or a technology-related field required
Professional security management certification in Information Security / Cyber Security or industry qualifications (CISSP, CISM, CISA, CCSP)
Strong leadership, project management skills, time management, and problem-solving skills
Ability to work in a virtual, global matrix organization
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
Experience with working with local and regional regulators and authorities such as the National Credit Regulator & the Information Regulator to ensure compliance with local regulations.
Experience with contract and vendor negotiations and management including managed services
Experience with designing, developing and implementing security processes, controls and technologies
Working experience with information security solutions in areas such as Identity Management, Vulnerability Management, Content Filtering, DLP, IDS/IPS, FIM and Incident Response
Working knowledge of industry frameworks and standards such as SSAE 18, PCI DSS, and ISO 27001
Knowledge of information security in Windows and Linux operating systems as well as TCP/IP networks
Understanding of web application and product security controls
Experience with performing system audits and security assessments, and in interfacing with external auditors
Experience with reporting security metrics (dashboards, KPIs, KRIs)
Ability to operate as an information security business partner and advisor to senior executives and, where necessary, a hands-on contributor on technology deployments and other projects

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Director, Information Security

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

What You'll Bring:

How You’ll Contribute

Responsible for enterprise-wide security in the Business Unit, as such you will effectively be the Chief Information Security Officer for the BU, interfacing with TU’s key stakeholders in the African region and other international locations, as well as the Global Information Security group.
Operate in a matrix organization with functional alignment into Global Information Security and dotted reporting into the regional Technology organization.
Work directly with business unit leaders to facilitate risk assessment and risk management processes.
In close collaboration with local IT, PMO, and Global Information Security, drive execution of Information Security projects, including technology deployments, ongoing security assessments and other risk management activities as per TU’s Information Security strategy and plan.
Maintain and enhance an information security management system in accordance with ISO 27001 standards.
Support and develop the information security strategy, risk management initiatives, and become a trusted advisor and thought leader to meet business, client and regulatory demands.
Understand and interact with related disciplines through regulatory forums, committees, and business engagements to ensure the consistent application of policies and standards across all technology projects, systems and services
Provide leadership, oversight and performance management to the organization’s geographically distributed information security department, including coaching and motivation for high performance.
Maintain accountability for the Information Security budget in the region.
Facilitate certifications, as necessary and determined by the business or Global Information Security, for SSAE 18, PCI DSS and ISO 27001.
Partner with business stakeholders across the company to raise awareness of risk management concerns and to drive and influence their resolution.
Work within the project and resource prioritization process to ensure security projects and efforts a represented, prioritized and executed
On regular basis, report status of security posture and progress against objectives to senior management in Global Information Security and regional IT.
Maintain a thorough understanding of current security deviations, open assessment and audit findings, and vulnerabilities in TU’s security posture.
Mobilize and support regional responses to threats and incident investigations in an effective and timely manner.
In conjunction and coordination with Global Information Security, maintain and test incident response process and ensure its continued integration with regional and global escalation protocols.
Oversee the completion of security audits by customers and data providers.
Prepare and contribute in periodic communication and presentations to local TU business and functional leaders regarding regional security posture and direction.
Complete annual planning process through ownership and accountability for BU plans for Information Security that align with global strategy but reflect nuances of local needs, where appropriate.

Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems

Impact You'll Make:

What You’ll Bring

12 years+ of extensive experience in risk management, information security and IT
10 years Information Security Management
Degree in Business Administration or a technology-related field required
Professional security management certification in Information Security / Cyber Security or industry qualifications (CISSP, CISM, CISA, CCSP)
Strong leadership, project management skills, time management, and problem-solving skills
Ability to work in a virtual, global matrix organization
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
Experience with working with local and regional regulators and authorities such as the National Credit Regulator & the Information Regulator to ensure compliance with local regulations.
Experience with contract and vendor negotiations and management including managed services
Experience with designing, developing and implementing security processes, controls and technologies
Working experience with information security solutions in areas such as Identity Management, Vulnerability Management, Content Filtering, DLP, IDS/IPS, FIM and Incident Response
Working knowledge of industry frameworks and standards such as SSAE 18, PCI DSS, and ISO 27001
Knowledge of information security in Windows and Linux operating systems as well as TCP/IP networks
Understanding of web application and product security controls
Experience with performing system audits and security assessments, and in interfacing with external auditors
Experience with reporting security metrics (dashboards, KPIs, KRIs)
Ability to operate as an information security business partner and advisor to senior executives and, where necessary, a hands-on contributor on technology deployments and other projects

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Director, Information Security

Director Information Security

Director Information Security

Director Information Security

Location

Workplace

Type

Posted

Website

Similar Jobs

Company

For job seekers

For companies

Cyber Security jobs

Director Information Security

Director Information Security

Director Information Security

Location

Workplace

Type

Posted

Website

Similar Jobs

Director Information Security

Director, Information Security Engineering

Director of Information Security

(USA) Senior Director, Information Security

(USA) Director, Information Security

Director, Information Security

Director of IAM Information Security Service Delivery

Business Information Security Manager

Information System Security Engineer (ISSE) II

Group Director, Cyber Security Operations