Oct 27, 2020

Global Insider Threat Program Architect

  • TransUnion
  • Chicago, IL, USA
Accounting Customer Service Finance Information Technology Management Program Management Sales

Job Description

What We'll Bring:
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation. We're consistently exploring new technologies and tools. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.

As the Insider Threat Architect, you will be responsible for architecting, deploying, and maintaining a global technology infrastructure to support the TU Insider Threat Strategy. You will play a key role in designing and deploying the infrastructure and processes to establish a global Insider Threat suite of tools.

Come be a part of our team - you'll work with great people, pioneering products, and deploy cutting-edge technology.
Requirements
•5+ years' experience architecting, deploying, and maintaining global Insider Threat and Information Assurance solutions
•Expertise with Data Loss Prevention, Data Protection, or Insider Threat security programs
•Experience with the full suite of M365 Data Loss and Data Protection technologies
•Experience in Unix/Linux administration and shell scripting
•Experience with log data aggregation solutions (e.g. Elk, Kafka, Splunk, Exabeam, etc.)
•Previous exposure to networking architecture coupled with an understanding of networking fundamentals
•Experience implementing and administering CASB solutions
•Familiarity with deploying M365 controls associated with Security, Compliance, and DLP
•Familiarity with logging technologies such as OpenText, BMC, Elastic
•Knowledge of Endpoint controls, SMTP and Mail integration within DLP construct
•Working knowledge of various security principals; GDPR, HIPAA, HITECH, NIST, PCI guidelines, and other laws and regulations pertaining to the protection of sensitive PHI/PII data
•Strong understanding of the attack surface for the endpoint environment
•A background in endpoint protection technologies, including agent driven solutions in support of SOC, IR, threat hunting, vulnerability management, and other cyber threat teams operations
•Ability to work independently and collaborate with a team
•Strong communication skills

What You'll Bring:
  • You will drive global scale projects that deliver world-class User/Data Protection controls in support of TU's Insider Threat strategy
  • Partner with technology teams to integrate in the cloud and on-premises solution
  • Work closely with Cyber Threat teams in support of Insider Threat procedures to include monitoring and remediation activities
  • Develop an Insider threat suite of tools across both on-prem and cloud hosted technologies
  • Support the Insider Threat and DLP teams' ability to monitor and defend against insider threat TTPs through a comprehensive supporting technology strategy
  • Develop a product roadmap for all Insider Threat related technologies to include their Full Operational Capability
  • Provide actionable insights, guidance and Information Security subject matter expertise to the GITP Director, UEAB Analytics Lead, and Cyber Enablement leadership


Impact You'll Make:

Optional
  • Familiarization with AGILE development
  • Experience with configuration management systems (e.g. Ansible, Puppet, Salt, etc.)
  • One or more of the following (or similar) certifications: GCIH, GCIA, CISSP, Vulnerability Management/Application Scanner vendor specific certifications


We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.

TransUnion's Internal Job Title:
Advisor, Cybersecurity

Security Clearance

NO Security Clearance

Apply Now