Information Security Officer
TransUnion
full-time
Posted on:
Location Type: Hybrid
Location: Lagunilla de Heredia • Costa Rica
Visit company websiteExplore more
About the role
- Act as a key Advisor of the US Markets Information Security Officer Team
- Partner with TU Product leadership to embed security considerations (security-by-design) into the product architecture, lifecycle, and applications of business projects
- Serve as the trusted cybersecurity advisor for business unit leaders, providing expert advice on security requirements, risks, and best practices
- Define and assign acceptable levels of risk and lead the development of risk management strategies
- Align with enterprise security leaders to scale security through automation and tooling within BU workflows
- Maintain a deep understanding of BU products, infrastructure, and threat landscapes to inform security decisions
- Provide guidance on security architecture and engineering, especially in cloud environments (AWS, GCP)
- Provide regular reports on the business unit's security posture and tracking key performance indicators (KPIs) and key risk indicators (KRIs)
- Anticipate needs and create clarity for BU stakeholders regarding top risks and posture status
- Support TU and enterprise compliance with frameworks and standards such as FedRAMP, FISMA, NIST, ISO 27001, PCI, and SSAE18
- Deliver security milestones and projects on time
- Effectively manage matrixed resources and provide consistent status updates
Requirements
- 7+ years of experience in cybersecurity, risk management, or governance in a technology-related industry
- 3+ years of experience PCI-DSS and SOC2 compliance and audit management and execution
- 2+ years of experience with FedRAMP/FISMA and other regulatory frameworks
- Strong working knowledge of cybersecurity functions including vulnerability management, incident response, and security engineering (e.g., WAFs, IPS, endpoint security)
- Proven ability to influence and negotiate with stakeholders across competing priorities
- Exceptional communication and interpersonal skills to build trust and alignment with BU and enterprise teams
- Experience working with global, multidisciplinary teams
- Bachelor’s degree in a technology-related field; CISSP, CISA, or Security+ certification preferred
- Ability to travel domestically up to 10%
Benefits
- Access to professional development opportunities
- Support of colleagues and mentors
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurityrisk managementgovernancevulnerability managementincident responsesecurity engineeringsecurity architecturecloud environmentsautomationcompliance
Soft skills
communicationinterpersonal skillsinfluencenegotiationtrust buildingalignmentstakeholder managementproject managementclarity creationteam collaboration
Certifications
CISSPCISASecurity+