Director of Customer Security

Company: Equifax
Location: Saint Louis
Posted on: June 13, 2021

Job Description:

Your Focus

You will serve as the Director of Customer Security for Equifax Workforce Solutions. Drawing on your prior experience in four domains (customer service, business acumen, information technology, and information security), you will drive material business outcomes by taking the lead in representing our information security program during third-party assurance audits performed by our customers.

Partnering with your colleagues on the Customer Security team, you will be a primary contact for our customers' security requests. This includes leading the preparation for audits by reviewing the customer's advance questionnaire, gathering evidence and organizing the necessary panel of technical SMEs from across the organization. Then plan, schedule, and execute each such audit hand-in-hand with the customer's third-party assurance team.

You'll work across the Customer Security and broader Workforce Solutions and Global Security teams to assemble other customer deliverables, help improve our processes, enabling customer-related activities to scale better and become more routine. As a key leader on the team, you'll cross-pollinate, share work with, and mentor your colleagues as we all work together to provide our customers with industry-leading security and outstanding service.

Who is Equifax?

Equifax is a global data, analytics, and technology company. We believe knowledge drives progress. We blend unique data, analytics and technology with a passion for serving customers globally, to create insights to power the decisions that move people forward. We serve as a consumer advocate, steward of financial literacy, and champion of economic advancement.

As an innovative global company that enables access to credit, we're part of breakthrough collaborations and innovations that address complex social challenges such as social welfare, community relations and financial education for underprivileged youth. We establish relationships that create economically healthy communities. We help individuals gain financial independence by increasing access to capital for small businesses. And we provide young adults entering college or university with financial education tools.

Regardless of location or role, the individual and collective work of our people makes a difference in our business. We are Powering the World with Knowledge and looking for talented team players to join us as we help people live their financial best.

The Perks of being an Equifax Employee?

• We offer excellent compensation packages with high-reaching market salaries, 401k matching, along with the works: comprehensive healthcare packages, schedule flexibility, collaborative work spaces, work from home opportunities, paid time off, and organizational growth potential

• Grow at your own pace through online courses at Learning @ Equifax

What you'll do:

• Engage with clients and customers as needed to assist the business to achieve its objectives with pre and post sales activities (e.g. explain our security program, support external audits, support bids/RFP process, assist in customer communication of security incident, assemble and deliver artifacts and evidence, etc.)

• Act as the point of contact when customer third-party assurance teams reach out to schedule a security audit of Equifax Workforce Solutions. Maintain an annual audit calendar, caring for the availability of resources and other constraints to ensure that all audits are successful.

• Coordinate effectively across the other Equifax lines of business when a proposed audit concerns more than one line of business.

• Develop and routinely execute a rigorous pre-audit process based on the customer's advance document request list and / or questionnaire. Use your own expertise in security, risk, and controls to plan the lines of discussion so that requests are filled correctly, efficiently, and with minimal digression. Effectively leverage other internal SMEs to respond to deep domain questions.

• Lead execution of customer audits. Use your security and technical acumen, customer service skills, and communication skills to deliver effective, efficient audits that satisfy our customers' inquiries.

• Other duties as assigned by the Sr Director of Customer Security, and the VP Security officer. Additional responsibilities will be in the Customer Security domain (supporting RFPs, contract negotiations, customer calls, etc.) and potentially in other security areas (e.g., supporting the Technical Security team) based on skills and growth trajectory.

Qualifications:

• At least 7 years of work experience in information security, with roles encompassing direct responsibility for audit, compliance, risk management, or related functions.

• CUSTOMER Perspective: Significant experience being audited and/or auditing others in roles such as: third-party security assurance, internal IT / security audit, or being responsible for a firm's PCI, SOC2, HIPAA / HITRUST, FISMA, or FFIEC compliance. Significant experience as a third-party security auditor, or responding to such audits will be required.

• BUSINESS Perspective: Academic understanding of business concepts (e.g. BBA, MBA, MIS, etc.) desired but not required. Exposure to business disciplines while serving in previous security roles, such as: strategy, pricing, competitive analysis, business economics, mergers and acquisitions, sales, marketing, communications, etc. Any experience you have had combining security with these domains (e.g. security sales, sales engineer, customer success, etc.) would be relevant and valuable.

• IT Perspective: Previous experience as an IT practitioner helps you to empathize and partner with our key stakeholders in Technology. We believe that it also produces the most well-rounded and capable security professionals. Whether it is in help-desk, network, server, database, software development, or another discipline, previous work as an IT professional in your career journey is a relevant, desirable qualification.

• SECURITY Perspective: As first and foremost an information security professional on an information security team, you will be expected to have a strong mid-career command of risk management. This starts by knowing the major types of threat actors and attacks, and being able to map those relevant to our specific industry. You'll then need to know the major classes of countermeasures that a security program would use to countermand each type of threat actor / attack; and even if you have not served as a technical control operator, we expect you to know the common hallmarks of how to assess a control's effectiveness against a threat. The more detailed and technical you can get in these regards, so much the better.

• OPERATIONAL Perspective: This role is one of the most multidisciplinary on the team. Although your primary skill set must still be security, risk, and controls -- strong customer service, communication, and project management skills are almost equally as important. You will need to be disciplined in designing and driving to a pre-audit plan, post-audit follow up, keeping a schedule of audits, keeping minutes and records, and coordinating across our team and the customers' teams.

• Desired previous experience with cloud technologies and security; Google Cloud (GCP) preferred.

Extra points for the any of the following:

• High self-motivation and ambition; conscientious work ethic, high standards, and keen attention for details. Beyond mere compensation, seeks learning, experience, and the career growth that naturally accompanies these.

• Articulate, well-spoken, and well-written as befits a senior customer service role. Able to interact with all stakeholders at the highest level of professionalism and service.

• Solution-oriented, willing to do whatever it takes to deliver a complete solution to our customers. When a handoff is appropriate, exemplary coordination and communication. Attitude of commitment and follow-through.

• Can be outgoing as needed, effective at networking, building long-term relationships where outcomes are achieved by goodwill and consensus rather than through direct management power.

• High integrity and an "engineer's mindset" of doing complete, quality work -- but tempered when necessary with a business mindset and smart pragmatism.

• Collaborative, not credit-seeking, trusts that contributions will be seen and rewarded.

• Feels a personal investment in the organization's and team's success. Cares for the well-being of others regardless of their position in the organization and treats everyone with respect.

Success Attributes of an Equifax employee; does this describe you?

• Accountability

• Bravery

• Curiosity

• Collaboration

• Think and act differently

• Trust

• Ownership

• Decide-Execute-Ship

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

If this sounds like somewhere you want to work, don't delay, apply today - we're looking for you!

Primary Location:

USA-St. Louis-2330 Ball

Function:

Function - Security Governance and Compliance

Schedule:

Full time

Keywords: Equifax, St. Louis , Director of Customer Security, Other , Saint Louis, Missouri