Location: United States (Remote)

Experience: 5 to 10 Years

Responsibilities

·        Applies strong analytical and principles-based reasoning to define and propose secure and scalable solutions.

·        Facilitates compliance with relevant standards and evolving international regulations.

·        Develops, documents, promotes and maintains Data Security Policies, Standards and Guidelines.

·        Works collaboratively with Data and AI Tower to ensure risks are mitigated through secure development and deployment of data and AI workflows (e.g. secure AI stack lifecycle, secure data management lifecycle)

·        Owns and manages PKI/CA, encryption and secrets management.

·        Manages and sets standards for secure data transfer services.

·        Contributes to the definition and execution of Information Security Strategy and related roadmaps.

·        Works closely with other IT managers and staff to ensure that Data Security is appropriately addressed in the implementation and operation of all technology and application services, systems and platforms.

·        Researches and advocates solutions to support Information Security requirements of the enterprise.

·        Maintains deep expertise in how to secure traditional and modern data storage platforms and services.

·        Manages Data Security service levels through approved outsourced service providers.

·        Automates security processes and workflows to improve efficiency and reduce manual overhead.

·        Acts as a trusted advisor to IT, including Data and AI teams, on secure design, architecture and implementation of applications, systems and/or services

Skills:

·        Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and secure solutions.

·        Extensive expertise in NIST and ISO 27000 security practice frameworks.

·        Extensive hands-on experience with Data Security technologies (e.g. DLP, Public Key Infrastructure / Certificate Authority, PGP, Database encryption, key management, Data Classification and enterprise file encryption, email encryption, data lake protections, secure data transfer).

·        Experience securing Azure Cloud infrastructures and services.

·        Proficiency with scripting / programming languages ( e.g. Python, Powershell, C# )

·        Familiarity with international data privacy regulations and best practices.

·        Experience with ADCS, Microsoft Purview, Azure Information Protection and Varonis.

·        The following are not essential, but are highly valued;

Demonstrable expertise with automation practices and toolchains (e.g. Git, Ansible, Terraform, etc…)

Education:

·        Bachelor's or Master's degree in Computer Science, Information Systems or other related field, or equivalent work experience.

·        Professional Security Management certification, such as ISC(2) Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED)