Data Security Analyst

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field.
• Typically, five (5) years of experience in data security, with specific experience in international (multi-jurisdictional) and/or government / public sector environments.
• Hands-on experience with major cloud and on-premise data platforms in secure environments.
• Experience implementing encryption, key management, DLP, and secure data exchange protocols.
• US Citizenship is required.
• Deep knowledge of data classification frameworks and tools in regulated settings.
• Strong understanding of: International privacy and data protection laws (GDPR, Schrems II, etc.)
• U.S. Government standards (FedRAMP, NIST, FISMA, DoD SRG)
• Cloud security and compliance (AWS, Azure, GCP Government Cloud)
• Skill in supporting security risk assessments and forensic investigations compliant with global breach notification laws.
• Ability to translate complex international privacy and government regulations into actionable, automated technical controls.
• Skill in maintaining clear, audit-ready evidence for internal/external auditing and corporate compliance records.
• Strong analytical, critical thinking, and problem-solving skills with a strategic mindset.
• Capacity to navigate ambiguity and make data-driven decisions.
• Ability to work effectively in a fast-paced and dynamic environment.
• Ability to work both independently and collaboratively in a team environment.
• Ability to present complex technical information to a non-technical audience.
• Strong collaboration and interpersonal skills.
• Strong communication skills.

Nice To Haves

• Industry-specific knowledge and experience related to the organization's projects are preferred (Cyber, Infrastructure, Application Development, etc.).
• Security certifications: CISSP, CISM, CCSP, CRISC, CDPSE, or government-specific (e.g., Security+, CAP).
• Cloud certifications: AWS Certified Security, Azure Security Engineer, Google Cloud Professional Security Engineer (Government Cloud experience highly valued).
• Familiarity with data governance platforms (Microsoft Purview, Collibra, Alation) and automated classification tools.
• Experience with hybrid/multi-cloud architectures and secure government cloud environments (AWS GovCloud, Azure Government, etc.).
• Scripting skills (Python, SQL, PowerShell) for automation of classification, monitoring, and compliance reporting.
• Strong ability to translate complex regulatory requirements into practical technical controls.

Responsibilities

• Support organization-wide data classification programs tailored for international and government contexts. Coordinate and maintain classification schemas (e.g., Public, Internal, Confidential, Restricted/Sensitive, Classified) and ensure consistent tagging and handling of data in warehouses and pipelines.
• Implement and maintain classification-driven security controls in data warehouses (Snowflake, Redshift, BigQuery, Databricks, Azure Synapse, Microsoft Fabric or on-prem solutions), including RBAC, column/row-level security, dynamic data masking, encryption at rest, and audit logging.
• Manage data sovereignty, localization requirements, and cross-border transfer mechanisms (Standard Contractual Clauses, Binding Corporate Rules, adequacy decisions). Ensure compliance with GDPR, LGPD, PIPL, CCPA/CPRA, and other regional regulations.
• Support FedRAMP, FISMA, NIST 800-53, CMMC, ITAR, or equivalent government frameworks. Prepare for audits, maintain Authorization to Operate (ATO) evidence, and implement required security controls for government contracts or public sector data.
• Secure data ingestion, transformation, and movement processes with classification-aware controls. Protect interfaces (APIs, SFTP, EDI, messaging queues) using TLS, mutual authentication, encryption, and DLP policies suitable for international and government data exchanges.
• Enforce strict access controls based on data classification, user clearance levels (where applicable), and need-to-know principles. Manage privileged access and conduct regular access reviews and recertifications.
• Support risk assessments, vulnerability scans, and penetration testing focused on international data flows and government environments. Monitor logs and support Cyber Security use of SIEM tools to detect threats or compliance violations.
• Support security incident investigations involving data warehouses, ensuring proper handling per government and international breach notification requirements.
• Partner with data engineering, compliance, legal, and government stakeholders to embed security and classification into data architecture and pipelines. Advise on secure data sharing with international partners or government agencies.
• Perform other responsibilities as assigned.

Benefits

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance