Manager - Data Security & Governance - IT

- Develop and implement data security and governance policies, standards, and procedures in alignment with industry best practices and regulatory requirements. Establish and maintain data classification frameworks to identify sensitive data and ensure appropriate protection measures are in place. Conduct regular risk assessments and vulnerability scans to identify potential security gaps and mitigate risks to data integrity.

- Collaborate with IT and cybersecurity teams to implement and monitor technical controls, such as encryption, access controls, and intrusion detection systems. Define data retention and disposal policies to ensure compliance with legal and regulatory requirements, as well as internal data management needs.

- Lead efforts to educate and train employees on data security best practices and compliance obligations. Serve as the primary point of contact for internal and external stakeholders on matters related to data security and governance.

- Stay abreast of emerging threats, vulnerabilities, and regulatory changes affecting data security, and recommend appropriate mitigation strategies. Prepare and maintain documentation, including security policies, procedures, and incident response plans. Coordinate with audit teams to facilitate internal and external audits of data security controls and processes.

- Qualifications: Bachelor's degree in computer science, information technology, cybersecurity, or a related field; advanced degree or relevant certifications (e.g., CISSP, CISM) preferred. Proven experience (X years) in a data security or governance role, with a strong understanding of data protection principles, practices, and regulations (e.g., GDPR, HIPAA, PCI DSS). Demonstrated expertise in developing and implementing data security policies, procedures, and technical controls. Experience with risk management frameworks (e.g., NIST Cybersecurity Framework, ISO 27001) and conducting risk assessments.

- Proficiency in evaluating and deploying security technologies and tools, such as data loss prevention (DLP), identity and access management (IAM), and encryption solutions. Excellent communication and interpersonal skills, with the ability to collaborate effectively across departments and influence stakeholders at all levels of the organization. Strong analytical and problem-solving abilities, with a keen attention to detail. Ability to work independently and manage multiple priorities in a dynamic environment.