Cyber Security Sr Consultant

Join TransUnion's Global Vulnerability and Threat Management team as a Cyber Security Sr Consultant. This hybrid role involves providing technical expertise across the vulnerability management lifecycle, including asset discovery, scanning, analysis, and reporting. You will maintain scanning tools, reduce false positives, and drive critical initiatives in on-premises and cloud environments. The position requires strong technical proficiency, collaboration, and a proactive approach to strengthen TransUnion’s security posture against emerging threats.

Must Have

• Experience with vulnerability management processes and security testing procedures.
• Ability to proactively monitor vulnerabilities using manual and automated tracking methods.
• Experience maintaining vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7).
• Proficiency in configuring and maintaining technical stack for security requirements.
• Skills in reducing false positives through technical triage and tool tuning.
• Experience with programming/scripting languages for task automation.
• Knowledge of Industry security controls (CIS, NIST, ISO), application security, and network security.
• Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or equivalent.
• Hands-on experience with cloud platforms (AWS, GCP), scripting (Python), containerization, orchestration, and security monitoring tools.

What We'll Bring:

We are seeking a seasoned cybersecurity professional to join our Global Vulnerability and Threat Management team. This role is responsible for providing technical expertise across the entire vulnerability management lifecycle, including asset discovery, vulnerability scanning, analysis, and reporting. The position requires a strong blend of technical proficiency, collaboration, and attention to detail to effectively support and strengthen TransUnion’s security posture.

The ideal candidate would be driven to continually learn while contributing towards vulnerability management processes, policy configurations, automated scanning, network security and will collaboratively execute on core services that are essential to securing Transunion’s business. Along with technical knowledge, attention to detail, team spirit and coordination are essential to succeeding in this role.

This is a hybrid position and involves regular performance of job responsibilities at an assigned TU office location for a minimum of two days a week.

Come be a part of our team – you’ll work with great people, pioneering products and evolving information security challenges!

What You'll Bring:

• Experience with vulnerability management processes and security testing procedures
• Proactively monitor vulnerabilities using manual and automated tracking methods
• Support management of attack surface reduction strategies, including OS hardening baselines, secure configuration enforcement, patch management, and configuration standardization.
• Maintain vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) to assess systems for vulnerabilities and emerging threats
• Configure and maintain the technical stack to align with changing business needs and security requirements.
• Reduce false positives in vulnerability reports through technical triage, tool tuning and validation.
• Prepare documentation, reports, dashboards, and metrics for leadership reviews and decision-making.
• Conduct regular compliance checks and support internal/external audits.
• Automating repeatable tasks using programming / scripting languages
• Apply Industry security controls like (CIS, NIST, ISO), Application security and Network security concepts for attack surface reduction
• Stay current with emerging threats, vulnerabilities, and mitigation techniques.
• Ability to identify, propose and drive resolutions for systemic security issues based on analysis of vulnerability and configuration data
• Excellent verbal and written communication skills
• Experience working in a team-oriented, collaborative environment requiring analytical and proactive problem-solving skills
• Ability to operate with minimal oversight in a fast-paced environment
• Willingness to work with multi-faceted, diverse teams and an empathetic team player who can think, plan and deliver out of the box projects

Qualifications and Education:

• Bachelor’s degree in computer science, Cybersecurity, Information Security, or equivalent professional experience.
• Experience with agile practices and delivery models
• Hands-on experience with cloud platforms (e.g., AWS, GCP), scripting languages (e.g., Python), containerization, orchestration technologies, and security monitoring tools.
• Strong analytical mindset with a data-driven approach to security, capable of generating meaningful metrics to inform decision-making.
• Familiarity with modern development methodologies and automation practices for scalable security operations.
• Demonstrated ability to work effectively in diverse, cross-functional teams, empathetic collaborator with a creative and solution-oriented mindset.
• Excellent communication skills, with the ability to articulate complex technical concepts clearly and concisely.

Impact You'll Make:

• Drive critical vulnerability management initiatives across on-premises and cloud environments, contributing directly to the organization's security resilience.
• Conduct in-depth research on emerging vulnerabilities and exploits using trusted public sources and intelligence platforms, enabling proactive risk mitigation.
• Utilize a combination of automated tools and manual techniques to identify, validate, and assess vulnerabilities with precision.
• Clearly communicate the business impact and technical risk of identified vulnerabilities, providing actionable mitigation strategies to stakeholders.
• Collaborate with development, infrastructure, and operations teams to ensure security standards are embedded into system design and implementation.
• Identify gaps in existing vulnerability management processes and recommend enhancements to improve efficiency, coverage, and response time.

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.