Sr. Technology Risk and Compliance Associate

TransUnion's Job Applicant Privacy Notice

Personal Information We Collect

Your Privacy Choices

What We'll Bring:

At TransUnion, we strive to build an environment where our associates are in the driver’s seat of their professional development, while having access to help along the way. We encourage everyone to pursue passions and take ownership of their careers. With the support of colleagues and mentors, our associates are given the tools needed to get where they want to go. Regardless of job titles, our associates have the opportunity to learn new things and be a leader every day.

Come be a part of our team – you’ll work with great people, pioneering products and cutting-edge technology.

This role will act as a key Associate of the Technology Risk and Compliance team and is responsible for supporting and providing advice and consultation to technology and information security teams on risk matters and control effectiveness specifically focused on technology compliance advisory.

The role will be performing oversight and assurance activities to validate that relevant technology and information security risks and controls are identified and appropriately managed, bring awareness to risk and control issues, drive development of comprehensive solutions and improvements to controls to mitigate risk, provide subject matter and risk management expertise throughout the risk lifecycle, and ensure risk is managed in conjunction with the Company’s risk appetite.

This role will assist in providing regulatory compliance support to the Technology and Information Security business areas as deemed appropriate by the Sr. Director of Technology Risk and Compliance. This role will partner and collaborate with stakeholders across multiple areas of the Company such as technology, information security, R&C, legal, privacy, internal audit, procurement, and the business units across multiple solutions and products around the world.

You will have the opportunity to partner with stakeholders to perform technology related compliance advisory reviews, risk assessments, and control assurance testing.

What You'll Bring:

• 3+ years of experience in risk management, compliance, audit, and or information security, with specific focus on technology and information security
• Knowledge of cloud environments, product development, and common security and technology frameworks such as CIS, NIST, SOC2, PCI, and SOX
• Ability to work in a matrixed organization with excellent analytical and problem-solving abilities, with a keen attention to detail and a results-oriented mindset
• High level of integrity, do things the right way, and lead by example
• Comfortable with organizing and managing multiple priorities and deadlines concurrently
• Proactive, take the initiative, and can work independently with limited supervision
• Experience working in financial services or other regulated industry
• Flexibility to attend work related meetings outside of typical working hours
• Bachelor’s degree in a relevant discipline
• Possess relevant certifications such as CISSP, CGRCP, CISA, CISM, CRISC etc…

Impact You'll Make:

• Perform reviews of technology initiatives and processes to ensure policies, processes, and practices meet requirements and are consistent with industry standards, regulations, and best practices.
• Assist with risk assessments, performing critical analysis as necessary and monitor data used to identify heightened risk and help develop risk remediation recommendations.
• Assist with deep dives into technology and security risk events and analyze thematic technology risks to provide appropriate expertise and insight.
• Analyze and test technology and information security controls and processes to ensure identified risks are effectively mitigated. You will provide assurance and escalate any identified gaps or opportunities for improvement.
• Assist with the development of technology and information security risk registers for proper assessment of identified risks, including analysis, rating, prioritization, and ownership. 
• Monitor and facilitate periodic reviews of the risk registers to ensure any changes to the control environment has been captured appropriately.
• Analyze corrective actions and mitigation plans for incidents, identified issues, and findings for comprehensiveness, appropriateness, and timeliness to address the associated risks, and report and escalate any gaps or opportunities for improvement.
• Collaborate with the 1st line of defense in discussing and resolving control gaps, risk trends, risk issues and incidents while also providing credible challenge of their assertions, assumptions, and conclusions.
• Partner with the relevant technology, business units and other support functions to develop a perspective on the risk and ensure consideration of evolving regulatory expectations.
• Participate in technology and information security risk forums, as deemed appropriate, to identify new and emerging risks and provide complementary expertise to foster robust dialog and information sharing about risks and controls.
• Actively review initiatives and projects to ensure technology and security risks are identified early in the process and drive comprehensive mitigation solutions.
• Report on oversight and assurance activities to senior management and escalate when necessary to ensure appropriate awareness and action to mitigate risk.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers, the San Francisco Fair Chance Ordinance, Fair Chance Initiative for Hiring Ordinance, and the California Fair Chance Act.

Adherence to Company policies, sound judgment and trustworthiness, working safely, communicating respectfully, and safeguarding business operations, confidential and proprietary information, and the Company’s reputation are also essential expectations of this position.

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

Benefits:

TransUnion provides flexible benefits including flexible time off for exempt associates, paid time off for non-exempt associates, up to 12 paid holidays per year, health benefits (including medical, dental, and vision plan options and health spending accounts), mental health support, disability benefits, up to 12 weeks of paid parental leave, adoption assistance, fertility planning coverage, legal benefits, long-term care insurance, commuter benefits, tuition reimbursement, charity gift matching, employee stock purchase plan, 401(k) retirement savings with employer match, and access to TransUnion’s Employee Resource Groups. Spousal, domestic partner, and other eligible dependent coverage is available on select health and welfare plans.

We are committed to being a place where diversity is not only present, it is embraced. As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, genetic information, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.

Pay Scale Information :

The U.S. base salary range for this position is $90,000.00 - $150,000 annually. *The salary range for this position reflects a reasonable estimate of the range of compensation for this job. At TransUnion, actual compensation is based on careful consideration of additional factors such as (but not limited to) an individual’s education, training, work experience, job-related skill set, location, and industry knowledge, as well as the scope and responsibilities of the position and market considerations.

Regular, fulltime non-sales positions may be eligible to participate in TransUnion’s annual bonus plan. Certain positions may be also eligible for long-term incentives and other payments based on applicable company guidance and plan documents.

 

TransUnion's Internal Job Title:

Sr Consultant, Risk Management