At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation we're consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius. Come be a part of our team - you'll work with great people, pioneering products and cutting-edge technology.
What You'll Bring:
The TransUnion Cyber Security program seeks an application security advisor to help identify and mitigate application security vulnerabilities. This resource will serve on Transunion's application security team, where they'll perform core services that are essential to securing Transunion's business. The application security advisor should be well versed in multiple security domains with an emphasis on application security and on performing secure code reviews.
Experience in multiple areas of Information Security
Extensive experience in web application security testing
Extensive experience in application security
Extensive experience in performing secure code reviews (both automated and manual)
Familiar with OWASP Top 10
Familiar with development methodologies
Experience with one or more programming languages
Ability to automate repeatable tasks
Strong verbal and written communication skills
We'd love to see:
Experience working in large enterprises
Familiarity or experience with CI/CD pipelines and Agile methodologies
Experience working with AWS and cloud platforms
One or more of the following certifications (or similar): GPEN, GWAPT, GWEB, OSCP, CISSP, eCPPT, etc.
Familiarity with tools such as Veracode, Checkmarx, Fortify, Burp, IBM AppScan, and BlackDuck
Impact You'll Make:
Conduct time boxed web application assessments
Conduct remediation validations against prior findings
Conduct manual code reviews
Conduct static and dynamic code analysis
Consult with developers and architects on secure development
Work with application teams to communicate vulnerabilities, provide remediation guidance, demonstrate issues and work with developers to remediate and mitigate risks
Work on and track tasks via TU's ticketing system
Provide metrics related to your work on a bi-monthly basis
Help build and improve operational processes
Familiar with AWS and other cloud technologies
Stay up to date on application security attack vectors and risks
Mentor and train team members
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.
TransUnion is a global information and insights company that makes trust possible between businesses and consumers, by ensuring that each consumer is reliably and safely represented in the marketplace.
We do this by having an accurate and comprehensive picture of each person.
This picture is grounded in our legacy as a credit reporting agency which enables us to tap into both credit and public record data; our data fusion methodology that helps us link, match and tap into the awesome combined power of that data; and our knowledgeable and passionate team, who stewards the information with expertise, and in accordance with local legislation around the world.
Because of our work, organizations can better understand consumers in order to make more informed decisions, and earn their trust through great, personalized experiences, and the proactive extension of the right opportunities, tools and offers. In turn, consumers can be confident that their data identities will result in the opportunities they deserve.
We make trust possible, so businesses and consumers can transact with confidence and achieve great things. We call this Information for Good®—it’s our purpose, and what drives us every day.