CFC Senior Enterprise Security Incident Manager (US Remote)

  • Full-time
  • Employee Status: Regular
  • Role Type: Hybrid
  • Job Posting - Salary Range: $141,540 - $254,771
  • Department: Information Technology & Systems
  • Flexible Time Off: 20 Days
  • Schedule: Full Time
  • Shift: Day Shift

Company Description

Ready to make a difference? Experian has evolved into a global tech company and leader in data and analytics. We’re passionate about unlocking the power of data in order to transform lives and create opportunities for consumers, businesses and society. We’re a constituent of the FTSE 30 and for more than 125 years we’ve helped economies and communities flourish – and we’re not done.

Discover the Unexpected - Our 22k amazing employees in 30+ countries believe the possibilities for you, and the world, are growing. We’re investing in the future, through new technologies, talented people and innovation so we can help create a better tomorrow. To do this we employ ‘big-thinkers’ and ‘can-doers’ that share our purpose #uniquelyexperian

Job Description

Please note, this role will require you to be part of an on-call rotation for response to significant security incidents outside of normal work hours, including holidays and weekends. 

As a member of Experian’s Global Security Office (EGSO), the Enterprise Security Incident Manager (ESIM) functions as a Cyber Incident Commander and coordinates the Cyber Fusion Centre’s (CFCs) response to significant cyber-security incidents according to Experian’s Global Information Security Incident Response Plan (IR Plan) and processes. You will be responsible for initiating and tracking various workstreams during security incidents to ensure there is effective detection, response, containment, eradication, and recovery during incident response and managing executive communications until incident termination. This role will involve working with end-users, stakeholders, technical support teams, business leadership, and executives to ensure appropriate responses, communications, and actions are completed. Additional responsibilities include leading tabletop exercises to test the IR Plan, managing vendor relationships, and updating incident response plans & processes. The candidate for this role must be a self-starter, capable of working independently, and have strong technical skills involving cyber-incident response, strong writing skills, effective communicating with leaders, works well under pressure, well organized, as well as other soft skills. 

This is a technical hands-on position supporting the strategies of the Cyber Fusion Centre (CFC) and Experian’s Chief Information Security Officer.  This position reports directly to the CFC Senior Director of Incident Response as part of the CFC’s Incident Response program.  

What you'll be doing

  • Serves as the Cyber Incident Commander for significant or high-profile security incidents including validating and escalating incidents, coordinating cross-enterprise response activities, facilitating information sharing, and incident documentation. 
  • Serve as liaison between technical teams, business leadership, and other stakeholders to minimize the impact of an incident and resume normal business operations. 
  • Coordinate response activities in partnership with the CFC teams, business units, crisis management, technology teams, and other stakeholders for moderate and major severity security incidents.  
  • Coordinate and direct efforts within individual CFC teams throughout the incident response lifecycle. 
  • Provide timely and relevant updates to appropriate executives, stakeholders, and key decision makers. 
  • Conduct post incident reporting, root cause analysis, and provide relevant insights to guide process improvements and lessons learned to prevent future occurrences of similar security incidents.  
  • Maintain strong working relationships with CFC team leadership to maintain situational awareness of potential risks to the Experian environment. 
  • Participate as Cyber Incident Commander during routine table-top exercises designed to test the IR Plan and crisis response for major security incidents with participation from executives and other key business stakeholders. 
  • Must be available to respond to after-hours pages for potentially major security incidents and manage the CFC incident response during assigned nights, weekends, and holidays as part of an on-call rotation. 


What your background looks like

  • 5-8+ years' of experience in information security incident handling and/or security operations.
  • Experience with investigation and response activities associated with large scale and complex incidents of all types to include APT, DDOS, insider threats, web and mobile applications, data exfiltration, ransomware, etc. 
  • Demonstrate strong knowledge of Cyber-Incident Response and Investigative Methodologies.  
  • An ability to triage and assess a Cyber Security Incident at the moment of notification to determine impact, actions necessary, and make recommendations for remedial action. 
  • Demonstrate critical thinking skills, analytical expertise, attention to detail, and ability to function in a fast-paced environment. 
  • Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and root cause. 
  • A broad and deep understanding of cyber-security threats, vulnerabilities, security controls and remediation strategies in global enterprise and cloud environments. 
  • Knowledge of common technologies, computer systems, cloud services, and networks as well as typical gaps that could impact the ability of an organization to effectively detect and respond to cyber-attacks. 
  • Demonstrated knowledge of common adversary tactics, techniques, and procedures. 
  • Strong foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems. 
  • Ability to communicate complex and technical issues, verbally and in writing, in an easily understood, authoritative, and actionable manner. 
  • Ability to collaborate and communicate with team members daily and ensure that all required actions and needs are passed to subsequent shifts. 
  • An ability to assess the needs of the role and take action without being tasked, while keeping the team and leadership aware of the status of any projects taken on. 
  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business. 
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one. 
  • An ability to effectively influence others to modify their opinions, plans, or behaviors. 
  • A team-focused mentality with the proven ability to work effectively with diverse stakeholders. 
  • Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously. 
  • Proactive attitude, seeking improvement opportunities that can positively impact the security posture and the business. 
  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Security, or a related discipline or relevant work experience. 
  • Certifications involving incident response, ethical hacking, digital forensics, or cyber security (GIAC, CISSP, SSCP, CISM, EC-Council, Offensive Security, etc.) are a plus.


  • ​20 days of vacation accrued annually, five sick days, and two volunteer days (plus twelve paid holidays). 
  • Competitive pay and comprehensive benefits package, with a bonus target of 20%. 
  • This role can be 100% remote long-term or you can work out of one of our offices. 
  • People-focused culture where personal and professional growth is prioritized. 
  • Recognition and celebration of performance and achievements. 
  • Power to bring your whole self to work – where your differences and values will be respected and celebrated. 
  • Employee Resource Groups set up and run by employees, for employees. These networks build, celebrate, and further understanding of the diverse identity and experiences within Experian, in support of our commitment to diversity and inclusion. 
  • International network of peers; mentorship programs.

Additional Information

All your information will be kept confidential according to EEO guidelines.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and and it reflects what we believe. See our DEI work in action!

Please contact us at [email protected] to request the salary range of this position (please include the exact Job Title as it reads above in your email). In addition to a competitive base salary and variable pay opportunity, Experian offers a comprehensive benefits package including health, life and disability insurance, generous paid time off including 12 company paid holidays and parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here

Privacy Policy