Sr Advisor - Senior Cybersecurity Incident Responder

TransUnion's Job Applicant Privacy Notice

What We'll Bring:

At TransUnion we have a welcoming and energetic environment that encourages collaboration and innovation - we're constantly exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.

Come be a part of our team - you'll work with great people, pioneering products and cutting-edge technology.

Our quest to modernize the way we do technology is not slowing down anytime soon. We continue to make big strides in our agile atmosphere to bring the latest in products and solutions within the cloud infrastructure. Our cloud teams have the potential to shape the future by solving thought-provoking problems and using transformational technology to further enhance our capabilities in this data-driven world. Helping our clients build trust begins with a strong team of innovators ready to pave the way with strategy and optimization in mind. You’ll have the chance to thrive in a culture of ownership and delivery as these efforts continue to expand. As technology evolves, our advantage in having an ecosystem of innovation and modernization creates an unmatchable environment. These advantages can enable you to be at the center of groundbreaking discoveries.

What You'll Bring:

• 5+ years of experience in incident response, ideally in a large multinational environment

• Experience identifying, investigating, and responding to complex attacks in the cloud (M365, Azure, AWS) or on premises (Windows, Mac, and Linux).

• Strong understanding of threat landscape in terms of the tools, tactics, and techniques of threats employing both commodity and custom malware

• Strong understanding of how complex, multi-stage malware functions

• Scripting experience - Python, bash, cloud service API scripting, Jupyter Notebooks

We'd Love to See:

• Previous Cloud Response experience (AWS, Google, or Azure) - huge plus

• Lack of cloud experience is not a deal breaker, but training will be required and is provided

• DevSecOps experience, including building cloud resources and cloud-based processes

Impact You'll Make:

This role is a member of the larger Cyber Threat Management team, which includes security analysts and incident handlers who work alongside teams responsible for red teaming, intelligence analysis, and technical threat researchers. This role will lead response efforts to complex attacks against TransUnion globally and participate in a wide range of larger IR program activities specific to our growing cloud and other environments.

• We are a geographically diverse team, with offices and personnel around the globe, making this a remote work position for the right candidate. To support these requirements in addition to the technical skills listed below ideal candidates will also have prior remote work experience and possess necessary soft skills to support their success.

• Lead response and investigation efforts into advanced/targeted attacks

• Experience with investigative technologies such as SIEM, packet capture analysis, host forensics, and memory analysis tools

• Work with various internal teams to identify gaps in and expand coverage of endpoint, logging and network tooling to improve monitoring and response capabilities

• Assist in the design, evaluation and implementation of new security technologies

• Experience with preparing and responding to cloud environment incidents

• Conduct cybersecurity tabletop exercises with business teams

• Work with internal teams to meet customer and regulatory audit goals

This is a hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week.

TransUnion Job Title

Sr Advisor, Cybersecurity