FAQs
What is the main responsibility of the Director of Information Security at TransUnion?
The main responsibility is to lead the Information Security function across TransUnion Africa, driving the execution of the regional Information Security strategy and overseeing the local Information Security team.
How many years of experience are required for this position?
A minimum of 12 years of extensive experience in risk management, information security, and IT is required.
What educational background is necessary for this role?
A degree in Business Administration or a technology-related field is required for this role.
Is a specific certification required for the Director of Information Security position?
Yes, a professional security management certification in Information Security / Cyber Security or industry qualifications such as CISSP, CISM, CISA, or CCSP is required.
What kind of team will the Director of Information Security oversee?
The Director will provide leadership, oversight, and performance management to the organization's geographically distributed information security department.
What are the key skills needed for this position?
Strong leadership, project management skills, time management, problem-solving abilities, and innovative thinking are key skills needed for this position.
How does this role interact with other departments and stakeholders?
The role involves interfacing with senior IT, business, customer, and regulatory leaders, and working closely with business unit leaders to facilitate risk assessment and management processes.
Will the Director need to manage a budget?
Yes, the Director will maintain accountability for the Information Security budget in the region.
What are the expectations for reporting in this role?
The Director is expected to regularly report the status of the security posture and progress against objectives to senior management in Global Information Security and regional IT.
How often is in-person attendance required?
This is a hybrid position, requiring in-person attendance at an assigned TU office location for a minimum of two days a week.
What are some of the compliance standards the Director will work with?
The Director will work with compliance standards such as SSAE 18, PCI DSS, and ISO 27001.
Can the Director expect to work with local and regional regulators?
Yes, experience working with local and regional regulators and authorities to ensure compliance with local regulations is necessary for this role.
Is previous experience with auditing and security assessments required?
Yes, the Director should have experience performing system audits and security assessments, as well as interfacing with external auditors.
What is the scope of the Information Security management program?
The scope of the program spans across eight African countries.
Will this role require hands-on technical contributions?
Yes, the Director must be able to operate as an information security business partner to senior executives and, when necessary, a hands-on contributor on technology deployments and other projects.