Data Lead: Analytics, Governance & Security

xScion•McLean, VA

2d•Remote

About The Position

As an employee, you Turn Change Into Value® - for our clients, for our company, for your professional growth, and for the consumers. We hire the best and brightest, who are driven to create lasting value. At xScion, you aren't just another team member, you're impactful. You're empowered. You're driven. You're an xScioneer. xScion is seeking an Data Lead: Analytics, Governance & Security to work on an xScion project team with one of our clients. This candidate leads analytics enablement, the governance framework, and the security model for the Data Hub. Ensures highly sensitive benefits and health data is governed, protected, and usable for OEB's priority reporting and compliance use cases — with particular focus on HIPAA, privacy, retention, and audit readiness.

Requirements

Permanent Residency or US Citizenship
Bachelor's degree in Computer Science, Information Systems, Business IT Management or equivalent practical experience
7+ years in data governance, compliance, or information management with direct responsibility for governance framework delivery
Deep working knowledge of HIPAA Privacy and Security Rules as applied to health and benefits data
Experience building data governance frameworks: classification, stewardship, approval workflows, and retention policy
Familiarity with cataloging and access-control tooling — Unity Catalog, AWS Glue Data Catalog, Collibra, Alation, or equivalent
Experience with RBAC/ABAC design and fine-grained security controls for cloud data platforms
Ability to produce audit-ready compliance documentation: posture assessments, risk/mitigation evidence packages
Experience mapping regulatory obligations (HIPAA, state-level benefits law) to data platform controls and monitoring.

Nice To Haves

Prior work in Federal Reserve, OCC, FDIC, or other financial regulatory environments
Experience with Databricks Unity Catalog or AWS Lake Formation for fine-grained access control
CIPP, CIPM, CISSP, or equivalent privacy/security certification
Background in defined benefit or defined contribution plan compliance.

Responsibilities

Define priority reporting and analytics use cases (360 participant view, pension calculations, compliance analytics, inactive population communications) and map them to data, security, and tooling requirements
Establish the Data Hub governance framework: data classification, stewardship roles, approval workflows, retention rules, and incident/breach support aligned with OEB and Federal Reserve policies
Map regulatory obligations (HIPAA, applicable state benefits laws) to concrete controls, policies, monitoring processes, and evidence expectations within the Data Hub operating model
Recommend and oversee cataloging, lineage, and access-control approaches (Unity Catalog, AWS Glue Data Catalog, RBAC/ABAC) to support discoverability, traceability, and least-privilege access
Define fine-grained security patterns: RBAC/ABAC, encryption, key management, logging, and monitoring for highly sensitive data
Produce audit-ready evaluation reports summarizing compliance posture, risks, mitigations, and supporting evidence for internal audits and external reviews
Partner with Architecture/Ingestion lead and IV&V lead to ensure governance and security requirements are built into ingestion patterns, data models, and testing from the outset.