|Date Posted||August 8, 2019|
The Information Security team is looking for someone who is both tactical and strategic, who can take strong executive support and a strategic commitment to transformation, and use that to build a quality data protection program.
The Senior Manager, IT Data Protection, coordinates and manages the organization’s efforts to identify, protect, educate, and provide security governance over, all data for which the organization is responsible, across the entire lifecycle of that data. The Senior Manager partners with fellow Information Security team members and cross-functional groups across the enterprise to coordinate risk management, architecture, Security Operations, Data analytics, IAM, and others to achieve those goals.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- In collaboration with business and technology owners, develop, execute, and keep current a program to identify and categorize all sensitive or otherwise important data for which the organization is responsible, across the entire lifecycle of that data.
- Develop processes to educate and inform organization regarding data classification, handling, retention and access.
- Ensure compliance with applicable policies and procedures.
- Assist in the development of policies and protocols regarding the handling of all such data.
- Coordinate with Security Operations and Analytics service lines regarding emerging and active threats.
- Coordinate with Risk Management functions regarding the evaluation of applicable risks.
- Coordinate with Security Architecture and Engineering functions regarding the selection and implementation of applicable controls.
- Provide governance over the relevant technical and procedural controls.
- Identify and provide applicable metrics, analytics and reporting to demonstrate the effectiveness of the program.
- Maintain an awareness of existing and proposed security standards and industry best practices, and recommend appropriate changes
- Serve as a Subject Matter Expert resource to all relevant parties.
- Minimum of 5 years of demonstrated experience in multiple facets of data, network, and/or application security, preferably in a Fortune500 scale enterprise
- Experience with the application of threat modeling or other risk identification techniques
- 3+ years of tactical leadership of Information Security programs
- 3+ years supervisory responsibilities of Information Security staff
KNOWLEDGE, SKILLS & ABILITIES:
- Strong interpersonal skills and ability to create collaborative relationships with colleagues in Security, IT, and the business.
- Strong knowledge of security and privacy frameworks, requirements, and implementing data protection controls and processes across platforms and data states.
- Extensive knowledge of information security tools and best practices regarding risk management, audits, and compliance as they pertain to data, including encryption, access control, DLP, DRM, scanning technologies, and eGRC tools.
- Strong knowledge of technology best practices regarding networking, application development, and Cloud implementation as they pertain to data storage, movement, and usage.
- Excellent technical knowledge, team skills and solid analytical skills for problem determination and resolution.
- Strong sense of ownership and drive.
- Excellent verbal/written communication skills.
- Demonstrated ability to manage multiple priorities.
Education: Bachelors or extensive applicable experience required; graduate level degree preferred.
CERTIFICATES, LICENSES, REGISTRATIONS
GIAC, CISSP and/or CCSP Preferred