Analyst - Data Security

About The Position

Requirements

• College diploma or university degree in computer science, data science, IT management or similar disciplines or five (5) years of equivalent work experience
• Basic understanding of permissions, roles, groups, users, and Non-Human Identity (NHI) as it relates to authorized and unauthorized access to sensitive data in various applications, SaaS, file shares (NTFS permissions), etc.
• Ability to consistently execute and maintain technically precise high quality documentation
• Excellent written and oral communication and presentation skills for leadership, technical and business audiences
• General ability to pull data from database tables, database views, application sources, and other data stores for the purpose of compliance reporting
• High level of personal integrity and ability to show an appropriate level of judgment and maturity
• Poise and ability to act calmly and competently in high-pressure, high-stress situations
• Must be a critical thinker with strong problem-solving skills
• Detail oriented, self-motivated and disciplined, with excellent time management skills

Nice To Haves

• Understanding of the fundamentals of data minimization and electronic records management is preferred
• Familiarity with industry standard tools for Data Loss Prevention, Sensitivity Labeling, and Record Identification is preferred
• Understanding of project management principles including problem statements, use cases, success criteria, are preferred

Responsibilities

• Analyze, report, and effect action to improve adherence to company policies regarding storage, transmission, and destruction of data.
• Validate that sensitive data is protected with appropriate user access in accordance to company policy.
• Operate and mature tools to enforce the corporate data classification and data loss prevention program.
• Apply sensitivity labels to unstructured files to ensure proper classification and protection of critical information.
• Enforce technical and procedural controls to govern and restrict the movement of sensitive data within and outside the organization.
• Manage and maintain procedures and tools for data protection, retention, and lifecycle management in accordance with regulatory and internal standards.
• Continuously monitor Wynn-hosted structured data systems to ensure compliance against company security standards (encryption, obfuscation, privileged access, etc.), and construct effective reports for management to determine priorities for mitigation efforts
• Validate and report that encryption of sensitive data, both at rest and in transit, exists across all relevant systems and platforms.
• Continuously monitor and validate that production data does not exist in non-production environments, utilizing available tools including data obfuscation systems.
• Maintain and update inventories of applications and systems that store or process sensitive data.
• Map access to sensitive data, monitoring permissions, roles, and user activity to support robust access control and auditing.
• Develop metrics for the department and opportunities for improvement.
• Other duties as assigned.