Staff Engineer - Data Security / Governance

Job Title: Staff Engineer, Data Security and Governance

Location: Remote

We are looking for a highly motivated data security specialist to join our Engineering Security function reporting to the Director of Engineering Security and Compliance. The ideal candidate should possess strong data security skills, data loss prevention concepts, a deep understanding of data governance life cycle, and a keen eye for detail.

Job Duties:

• Define and Implement data security strategy and solutions aligning with information security program objectives, policies, procedures, and technical control requirements.
• Function as a subject matter expert in multiple service areas of data security and operations – Data Loss Prevention (DLP), data minimization, data discovery, cloud data protection, Privileged Access Management (PAM), data privacy, data classification and rights management, key and certificate management, data encryption, data access governance, etc.
• Define and Implement data classification strategy, policy, procedures and related tools.
• Work closely with business leaders to review and understand data security, compliance, and privacy requirements for new and in-flight projects and initiatives, with the ability to articulate the impacts clearly and concisely, while recommending solutions and offering practical suggestions as to remediation activities.
• Lead the technical configuration, implementation, administration, management and support of multiple data security products and solutions such as CASB, SASE, DLP, DSPM etc.
• Define key performance indicators (KPIs) and key risk indicators (KRIs) for data governance and protection controls.
• Gather metrics and report updates to the key business leaders.
• Develop use cases, scenarios, requirements in support of integrations with other platforms.
• Identify and document all data processing activities and data flows within the organization
• Create and update data protection policies, privacy notices, consent forms, and other related documents in collaboration with the legal department
• Conduct DPIAs for new projects or changes in data processing that may impact data subject’s privacy.
• Conduct periodic audits to assess and maintain data security compliance

The following items detail how you will be successful in this role.

• Understand the rationale behind and how changes impact the enterprise and/or applications and across the technical ecosystem.
• Translate high level requirements to create and implement designs that meet the needs of the customer, technically sound, maintainable and cost effective.
• Ability to identify missing or ambiguous requirements.
• Ability to design at both high and low levels of abstraction, understand complex requirements and translate into understandable solutions. Ability to accurately estimate based on requirements.

Requirements:

• Bachelor’s degree in Computer Science, Information Systems
• 10+ years of experience in the Information Security field
• 5+ years of hands on experience with data security, data protection, privacy and data governance initiatives.
• Experience developing and executing data security strategies.
• Experience performing critical systems reviews to assess security implications and requirements for introduction of controls and/or technologies.
• Experience deploying and data security tools to address threats and lower risk:
• Must have hands-on experience with CASB or DLP solutions.
• Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
• Knowledge of PAM, RBAC, authentication & authorization solutions, etc.
• Working knowledge of cloud security CSPM or DSPM solutions
• Familiarity with industry compliances such as SOX, GLBA, NY DFS 500, or ISO 27001
• Working knowledge of CIS, CSA, and NIST Frameworks and best practices.
• Demonstrated ability to collaborate with other teams to achieve complex objectives.

Knowledge and/or proven record of successfully managing technology implementation projects for at least two (2) of the following :

• Data Loss Prevention (Symantec DLP, McAfee DLP, Forcepoint DLP etc.)
• Privileged Access Management (Beyondtrust, CyberArk, Delinea etc.)
• Cloud Access Security Broker (McAfee Skyhigh, Netskope CASB, Zscaler, etc.)
• Web Security (Netskope SWG, Zscaler, Forcepoint Proxy, Broadcom WSS etc.)
• Data Retention and Destruction (Symantec Network Discovery, Office365 Security Compliance Center, Varonis etc.)
• Data Classification and Rights Management (Microsoft AIP, Boldon James, Titus etc.)
• Data Access Governance
• Data Encryption and Code Signing
• Data Privacy (BigID, OneTrust etc.)

Vital Tech Solutions is an Equal Opportunity Affirmative Action employer. We prohibit discrimination in decisions concerning recruitment, hiring, compensation, benefits promotions, training, termination or any other condition of employment or career development. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, veteran status, disability status or any other legally protected status.