Description:Developer - Data Security and Protection program
SummaryOperating within the Cyber Fusion Center, the Global Data Security Program is responsible for safeguarding the confidentiality and integrity of Company's data assets. This role is dedicated to developing and deploying scalable solutions and automation to accelerate global data protection initiatives while proactively mitigating Company's exposure to cyber risks.
AccountabilitiesExecute on projects, objectives, and deliverables in alignments with team vision, mission, and goals.Develop program metrics, continuously measure progress , and drive improvements.Develop technical documentation (i.e. system design, architecture diagrams, data flows, functional specifications).Identify and address vulnerabilities and implement security measures to drive continuous improvement of data protection practices.Routinely develop and update program documentation, processes, and technologies to adapt to emerging threat landscape.Create and deliver training sessions; mentor junior team members; and engage in knowledge transfer sessions, technical design reviews, security reviews, and business review meetings.Collaborate with the Senior leadership and cross-functional team including security operations, legal, privacy, data and analytics, enterprise architecture, Platform team, and sector functions.
Years of Experience3+ years in cyber security, software development, computer engineering; or master’s degree in computer science/engineering or related cyber field, and 1 year of relevant experience.
Mandatory Technical SkillsManage DLP tools which includes configuring policies, tuning, testing, and implementation of new features and functionality.Provide support across multiple areas of data security and operations – Data Loss Prevention (DLP), data minimization, data discovery, cloud data protection, Privileged Access Management (PAM), data privacy, data labelling, data classification and rights management, data encryption, data access governance, etc.Manage technical configuration, implementation, administration, management and support of multiple data security products and solutions such as CASB, SASE, DLP, DSPM etc.Develop technical documentation (i.e. system design, architecture diagrams, data flows, functional specifications).Leverage APIs to collect key performance indicators (KPIs) and key risk indicators (KRIs) for data governance and protection controls.Collaborate with the Senior leadership and cross-functional team including security operations, legal, privacy, data and analytics, enterprise architecture, Platform team, and sector functions.
Non-technical SkillsExcellent problem-solving, analytical, and critical thinking skillsDemonstrated ability to autonomously make high-judgment decisions and take calculated risks.A proactive and positive team player who is impact-focused, driven, curious, analytical, and a self-starter.Ability to establish trust relationships and influence others to positively impact the security posture and the business.Flexible and adaptive to support a dynamic and global environment with diverse stakeholders and ambiguity.Solid customer orientation with excellent oral and written communication skills in English.Must be able to operate well under pressure.Must be fluent in English and Spanish
Differentiating behaviorsSkilled in leading complex technical projects with expertise in cybersecurity, software engineering, agile methods, and customer interaction.Proficient in evaluating the relative costs, benefits, and trade-offs of potential courses of action to pinpoint the optimal solution.Skilled in task organization, time management, and prioritization to align actions with business objectives.Meticulous attention to detail, adept at articulating crucial specifics clearly in both verbal discourse and technical documentation.Proficiency in cultivating cooperative, transparent working partnerships with technology teams and various stakeholders, encompassing vendor connections.Effective communication skills, capable of conveying information clearly and engaging with technical and non-technical audiences across various levels.Information Security certifications such as CEH, CISM, CISA, Security+, Network+, CISSP, OSCP, GPEN, GWAPT, GXPN, GSE are a plus.