Senior Information Security Manager
Dynamics of the Role
The Senior Security Manager is a hands-on role involving managing team in designing, deployment and support of complex security products to ensure that our applications and infrastructure are implemented to the highest standards thus maintaining and enhancing customer trust.
The Security Manager’s responsibilities include security system deployments, configuration, monitoring and reporting. This position will have a lead role in performing vulnerability assessments, security testing, and working with security and development teams on remediation and mitigation of findings.
The Security Manager needs experience in providing architecture support of the security infrastructure. The Security Manager will need to work collaboratively with other team members and with external information security technology vendors to identify advanced threats and prevent compromise. The Security Manager will be engaged in critical decisions involving risk, incident response, and security process improvements in critical infrastructure that require unwavering integrity and moral character. The Security Manager will participate in security audits, risk analysis, vulnerability testing and security reviews on many elements of our systems.
The Team’s Focus
TransUnion Interactive creates web-based financial products that help consumers manage their credit, identity and money. Our product suite includes TransUnion Credit Monitoring and ID Theft Protection—products that help our customers monitor critical changes in their credit by assisting them with debt analysis, identity theft protection features, and money management tools.
How You’ll Contribute
- Manage team of highly skilled security professionals with strong team dynamics.
- Experience with analyzing, troubleshooting, and investigating security-related anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
- Experienced with maintaining, configuring, and analyzing network and host-based security platforms
- Experience with some or all of the following: TCP/IP | OSI Model, system logs (WMI, syslog, etc.), antivirus, IDS/ IPS, packet analysis, configuration standards, Group Policy, Vulnerability analysis, Event Correlation, Forensics, IDS/IPS, rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis. Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), Physical access control systems
- Identify security issues and risks, and develop mitigation plans
- Evaluate, Architect, design, implement and support security-focused tools and services including project leadership roles
- Develop and interpret security policies and procedures
- Mentor members of the team
- Participate in security compliance efforts (e.g., PCI, DSS, SOX)
- Develop and deliver training materials and perform general security awareness and specific security technology training
- Acquisition and vendor risk assessment due diligence
- Evaluate and recommend new and emerging security products and technologies
- Participate in incident handling
- Participate in projects that develop new intellectual property
- Evangelize security within Company and be an advocate for customer trust
- Maintain and update relevant system and process documentation and develop ad-hoc reports as needed
- Provide reoccurring reports for network and host-based security solutions
- Experienced with the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes
- Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment
Strategy & Planning:
- Evaluate documented resolutions and analyze trends for ways to prevent future problems
- Research and recommend innovative, and where possible, automated approaches for system administration tasks
- Identify approaches to solutions that leverage our resources and provide economies of scale
- Keep current with the latest technologies
- Organize and lead projects based on stakeholder requirements
- Manage project milestones and deadlines
- Communicate effectively across groups to accomplish project tasks
What You’ll Bring
- A minimum of 7-10 years IT experience; at least Five of those years focused on IT security, infrastructure or application- level vulnerability testing and auditing, and/or network security, at least 3 years managing direct reports
- Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings
- Comfortable working on both Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving
- Strong understanding of enterprise, network, system and application level security issues
- Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks
- Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
- Understanding of the system hardening processes, tools, guidelines and benchmarks. Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- Experience managing multiple technology projects simultaneously
- Knowledge of Linux, Windows, OSX systems
- Working knowledge of a range of diagnostic utilities
- Exceptional written and oral communication skills
- Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills
- Strong documentation skills
- Working knowledge of industry-specific regulations (ITIL v3, AT101, SOX, PCI, HIPPA) required
- Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience
- Any of the following: Juniper Network Certified Network Associate (JNCIA-Junos), Juniper Network Certified Specialist Security (JNCIS-SEC), Juniper Network Certified Professional Security (JNCIP-SEC), Juniper Network Certified Expert Security (JNCIE-SEC)
- Ability to conduct research into a wide range of computing issues as required
- Ability to present ideas in user-friendly language
- Highly self-motivated and directed
- Ability to effectively prioritize and execute tasks in a high-pressure environment
- Exceptional customer service orientation
- Experience working in a team-oriented, collaborative environment
- Have a strong desire to learn continually and grow professionally
Who We Are
At TransUnion, we are dedicated to finding ways information can be used to help people make better and smarter decisions. As a trusted provider of global information solutions, our mission is to help people around the world access the opportunities that lead to a higher quality of life, by helping organizations optimize their risk-based decisions and enabling consumers to understand and manage their personal information. Because when people have access to more complete and multidimensional information, they can make more informed decisions and achieve great things.
Every day TransUnion offers our employees the tools and resources they need to find ways information can be used in diverse ways. Whether it is helping businesses better manage risk, providing better insights so a consumer can qualify for his first mortgage or working with law enforcement to make neighborhoods safer, we are improving the quality of life for individuals, families, communities and local economies around the world.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.
Meet Some of TransUnion's Employees
Technical Systems Engineer
TC’s main responsibility is to make sure all of the TransUnion Windows-based systems, across every office, are fully operational and available at all times.
Back to top