Responsibilities :
- Lead the Data Security Operations track end to end
- Take complete ownership of Design, build, Implement Data Security controls and manage Data Security Operations including DLP operations, Design & Engineering of DLP such as Email DLP, Endpoint DLP, CASB DLP, Data Classification solutions, Data Discovery, Data encryption and tokenization, Data protection.
- Design DLP Standards, Policies, Frameworks as per Industry best practices and organization requirements
- Align standards, frameworks and security with overall business and technology strategy
- Identify and communicate current and emerging security threats
- Design data security architecture elements to mitigate threats as they emerge
- Create solutions that balance business requirements with information and cybersecurity requirements Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications
- Train users in DLP Implementation and operations
- Manage Automation of DLP process by integrating with AI/ML process, SOAR solutions.
- Manage Integration with Service Now
- Manage Data Security Audits
- Define measurements and controls required to ensure that the procedures attain process objectives and goals. This includes compliance requirements from legislation or other adopted compliance frameworks.
- Define reports required to monitor the health of the process, show attainment of objectives, and communicate process execution as it related to service levels.
- Define Evaluate Performance schedule. Surface additional tool requirements. Validate that procedures capture the required data to satisfy reporting needs. Define process meetings
- Ensure zero backlogs and minimal ageing incidents
- Ensure adherence to SLA- s
Skills :
Technical Skills :
- Knowledge of the following technical skills should prove useful
- Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
- Technical understanding and hands on experience in DLP and CASB tools and tech such as, Forcepoint, Mcafee, Symantec, Microsoft, Email DLP solutions, Data Encryption and Data Governance solutions
- ISO 27001/27002, ITIL and COBIT frameworks Windows, UNIX and Linux operating systems Perimeter security controls - firewall, IDS/IPS, network access control and network segmentation Router, switch and VLAN security; wireless security concepts related to DNS, routing, Sensitivity: Internal & Restricted authentication, VPN, proxy services and DDOS mitigation technologies Practices and methods of IT strategy, enterprise architecture and security architecture
- Network security architecture development and definition Knowledge of third-party auditing and cloud risk assessment methodologies
- Service Now Integration
- AIP/MIP Classification
- DRM Solutions integration
Leadership Skills :
- People Management skills
- Should be able to lead and manage team size of 50+ data security professionals
- Should guide and mentor the data security operations team to ensure high performance team.
- Should be able to manage global stakeholders
- Present state of data security operations to the top management regularly as and when required
- Report and publish daily, weekly, and monthly reports to various stakeholders, accounts, and entities globally and within CISO office.
- Should have excellent communication skills and lead from the front with minimal guidance
- Work closely with BISO office for account specific Data security incidents remediation
- Work closely with cyber investigations team in getting the data security incidents investigated and closed
Preferred Qualifications:
- Undergraduate or master's or Post Graduate Degree from a reputed institute
- 16-20 years of demonstrated cybersecurity experience
- Minimum 10-15 years of data security and leadership experience a must
- Education/Certifications: CISSP, CISM, CISA, CEH, IAAP certifications such as CIPT, CCSK, CCSP,
- AWS & Azure certifications a plus
- Exposure to security standards NIST Cyber Security Framework, NIST SP800-53, COBIT, ISO27001 and regulatory requirements of GDPR compliance, DPIA for DLP and information protection perspective
- Hands on experience and expertise in Data Leakage Prevention solutions - Endpoint DLP, Email DLP, Network DLP, CASB-DLP for cloud- AWS, Azure, GCP Cloud, Oracle Cloud
- Hands on experience in CASB -DLP configuration and integrations with Salesforce, GitHub, Google suite, Office 365, Service Now
- Good understanding of Cyber Kill Chain process, MITRE Attack framework and various types of cyberattacks and incident response to the cyber-attacks such as Ransomware attacks, DDOS attacks, Applications security attacks, Cloud cyber-attacks, API security cyber attacks
Didn’t find the job appropriate? Report this Job