Equifax is where you can power your possible. If you want to achieve your true potential, chart new paths, develop new skills, collaborate with bright minds, and make a meaningful impact, we want to hear from you.
The Security Lead Analyst will be responsible for designing and maintaining security metrics and reporting frameworks that align with industry standards, with the goal of providing insight on Equifax’s security posture. The Security Lead Analyst will work with security leads from all security and technology domains within the organization to gather telemetry, and identify security metrics and KPIs. He/ she will work closely with the Security GRC team to inform stakeholders of security risks and KPIs. The Security Lead Analyst will also help oversee the development of a custom UI that presents real-time risk posture for all Equifax systems, applications and business units globally. The right candidate will have a good understanding of technical security controls and frameworks.
Equifax has a hybrid work schedule that allows for 2 days of remote work, with three days onsite. The candidate will be required to work from Equifax’s Alpharetta (Atlanta) location.
Sponsorship is not available for this position.
What you will do
Define a threat reporting framework that gives Business a clear understanding of their risk posture and the linkage between the effectiveness of security controls and threats.
Responsible for managing and delivering a product with 10+ direct reports.
Identify the right data sources and their characteristics to inform the required security metrics.
Work with security and technology leaders to identify security and policy-based metrics that align with security controls and risk posture.
Develop policies and procedures to structure the metrics and reporting framework. Maintain a mapping of security metrics to threats, risks and governance requirements.
Determine how to display the business logic in a transparent manner, highlighting any data fidelity issues, allowing stakeholders to easily understand assumptions and known gaps.
Design creative UI to report the posture data and convey complex information to technical and non-technical audiences.
Establish and oversee a governance process to ensure metrics stay relevant and are being calculated correctly.
What experience you will need
Bachelor’s degree, or equivalent education and 7+ years of relevant experience.
Firm understanding of security controls and frameworks.
Experience with threat modeling frameworks.
Experience building and reporting security metrics using business intelligence, data analytics, or dashboarding tools (LookerStudio, Domo, Tableau, Grafana, QuickSight, etc.)
Experience with cyber risk quantification (CRQ) tools and frameworks, such as Riskquant and FAIR is a plus.
Excellent verbal and written communication skills, particularly proficient in discussing complex, nuanced topics with technology and business teams.
What could set you apart
Knowledge of and exposure to the FAIR Framework (Factor Analysis of Information Risk).
Experience building a model that assesses the security posture of the organization and makes recommendations based upon findings.
Experience working collaboratively with key stakeholders across business units.
#LI-Hybrid
#LI-KD1
We offer comprehensive compensation and healthcare packages, 401k matching, paid time off, and organizational growth potential through our online learning platform with guided career tracks.
Are you ready to power your possible? Apply today, and get started on a path toward an exciting new career at Equifax, where you can make a difference!
Primary Location:
USA-GA-Alpharetta-JVW3
Function:
Function - Security Governance and Compliance
Schedule:
Full time
