Security Engineer III, Data Governance

InComm Payments

22h•Remote

About The Position

The Data Governance and Data Loss Prevention team is executing the strategic roadmap intended to protect all Sensitive data from unauthorized exfiltration. This strategy considers various types of Sensitive data (PCI, PII, PHI, Security secrets, company intellectual property). Likewise, the execution considers the protection of these types of data through each of the attack vectors or platforms of exposure such as email, endpoint browsers, AI applications, cloud resources, etc. This position will concentrate on the gap analysis evaluation between the current Data Governance and Data Protection state, and the desired state, and the internal directives framework needed to support and enforce the desired plan over time. This requires understanding of (A) contributing factors (cybersecurity, applicable governance and compliance frameworks, Risk Management, Privacy), as well as (B) the people, process and technologies necessary to implement directives and security controls, and (C) implementation strategies to bring controls into completion.

Requirements

Demonstrable hands-on experience assessing, implementing controls, auditing, or remediating issues related to two of these below: PCI DSS Compliance Privacy regulations (i.e.: CCPA, LGPD, GDPR, DORA, HIPAA) Financial regulations (i.e.: NYDFS, SOX, IFRS, FINREP, SEC.
Writing or updating directives (policies, standards, procedures)
Demonstrable hands-on experience installing, setting up, and/or maintaining at least one of the tools/technology groups below: Email DLP: Proofpoint, McAfee DLP, Symantec DLP, Forcepoint, Code42, Checkpoint. Data Classification: Varonis, Microsoft Information Protection MIP, BigID Browsers: Zscaler DLP, Enterprise browsers (i.e.: Island). Cybersecurity and Data Analytics: Tableau, PowerBI, Python, Pandas, JSON/APIs, SIEM, SOAR, Grafana.
Training, knowledge and/or experience (even if basic) with at least two of the practices/areas below: Server/system administration Database/system administration Coding/scripting API integration Project/Program Management, implementations, or incident response
Communications, public speaking, advanced writing, and soft skills development.
Leadership development and mentorship

Responsibilities

Gather, normalize, analyze, and communicate data to define baseline of security controls that need a governance framework.
Work with stakeholders to validate requirements, liabilities, thresholds, risks, and enforcement of directives (policies, standards, procedures).
Update directives through approved process (draft, versioning, final publication).
Socialize directives using marketing, branding, and communications best practices to educate users on practical and consistent adherence to directives.
Collaborate with platform owners to develop automation for continuous monitoring and enforcing directives.
Other related activities to Data Governance and Data Protection such as cross-collaboration and cross-training, mentorship, automation, continuous monitoring, etc.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume