This role involves collaborating with the Security Engineering and Governance, Risk, and Compliance (GRC) teams to create a comprehensive data protection program.
Key Responsibilities: Conduct gap analyses on existing systems and processes.
Analyze data flow through the information lifecycle for security vulnerabilities.
Collaborate with Technology Services and business units on data discovery and security controls.
Develop and recommend a data security strategy and roadmap based on gap analysis findings.
Work with the GRC team to implement and enhance security controls aligned with frameworks like NIST CSF and NIST 800-53.
Perform auditing and strategic analysis of data security practices.
Report on current data security risks regarding sensitive enterprise data.
Identify access and security gaps and suggest tools and techniques to improve data security and prevent loss.
Recommend enhanced logging and monitoring capabilities for sensitive data across repositories.
Familiarity with Data Leakage Protection (DLP) and Digital Rights Management.Expertise in cybersecurity.
Qualifications: Familiarity with Security Tools: Knowledge of Data Leakage Protection (DLP) and Digital Rights Management (DRM).
Desirable: Security Certifications: Relevant certifications in information security.
Compliance Knowledge: Strong understanding of Sarbanes-Oxley compliance, corporate security, and network policies and procedures.
Framework Knowledge: Expertise with security frameworks such as NIST CSF, NIST 800-53, ISO 27000 series, and COBIT.
Gap Analysis: Proven ability to perform gap analysis on existing systems and processes.
Expertise in data security and analyzing data flow through the information lifecycle.
Technical Familiarity: Knowledge of encryption, cloud security, and access controls for Data Warehouses and Data Lakes.
Christmas Bonus Vacation Days Superior Vacation Bonus Life Insurance Major Medical Insurance Dental Insurance