At Experian, we are looking for a Senior Information Security Controls Automation Engineer to join our team. You will be responsible for evaluating and testing the effectiveness of security controls across our on-premises and cloud environments. Your primary focus will be to automate control review, reducing manual effort and increasing assessment efficiency by blending cybersecurity GRC with automation engineering.
What You'll Do
- Analyze and automate existing manual test steps for assessing the operating effectiveness of security controls in both cloud and on-premises environments.
- Develop automated control mechanisms such as scripts, APIs, and compliance dashboards, integrating validation logic into CI/CD pipelines, cloud environments, and endpoint tools.
- Enable continuous control monitoring by developing reusable logic and ensuring automated controls produce evidence fit to support control assessments.
- Develop dashboards visualizing compliance status and resolve platform integration errors.
- Analyze false positives and lead remediation of those indicators.
- Maintain a control automation backlog and document all automated control logic, control mappings, and system configurations.
What We're Looking For
- 5+ years of experience in automation development.
- A bachelor's degree in computer science, management information systems, a relevant field, or equivalent demonstrable experience.
- Knowledge of security tooling such as SIEM, Identity and Access Management platforms, and DLP.
- Knowledge of cloud platforms like AWS, GCP, Azure, Infrastructure as Code (Terraform), and scripting languages such as Python, JavaScript, Ruby, C#, or PowerShell.
- Knowledge of cloud architecture and cybersecurity domains and principles.
- Experience in efficiency and risk reduction.
Nice to Have
- Experience with workflow automation platform tines.io.
- Experience with Open Policy Agent (OPA) and Rego.
- Professional certification such as AWS Solutions Architect, CCSP, CISSP, CRISC, ISO 27001 Lead Auditor, or equivalent.
- Experience with information security control testing methodologies, information security risk assessments, and auditing tools.
Technical Stack
- Security Tooling: SIEM, Identity and Access Management platforms, DLP
- Cloud Platforms: AWS, GCP, Azure
- Infrastructure as Code: Terraform
- Scripting Languages: Python, JavaScript, Ruby, C#, PowerShell
- Specialized Tools: tines.io, Open Policy Agent (OPA), Rego
Team & Environment
You will be part of a team responsible for evaluating and testing security controls. You'll collaborate closely with control owners, engineers, and the security control assurance team.
Benefits & Compensation
- Medical, life, and dental insurance
- Asociación Solidarista
- International Share Save Plan
- Flex Work / Work from home
- Paid time off
- Birthday day off
- Annual Performance Bonus
- Education Reimbursement
- Family Bonding
- Bereavement Leave
- Referral Program
Work Mode
This role follows a hybrid work model.
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of our DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability, or age.
