Job Location: Austin, TX
THIS IS A REMOTE POSITION
PURPOSE AND SCOPE:
Contributes to the functional implementation and management of the ISO Data Protection Program. Responsible for assisting other members of the team to protect information assets, conceptualizing, defining, and evaluating alternate solutions and technologies. Assists with security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Supports data security governance initiatives which may include; discovery and documenting business data processes, data flows, and determining data classification; developing and managing data repository and application inventories; metadata management and analysis.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
-
Supports the implementation and management of:
- A centralized data security and protection governance model
- An organization-wide data protection framework (policies, procedures and guidelines) and classification mappings
- Centralized governance of the technology solutions employed
- Data classification activities
- Data protection requirements
- Event and Incident escalation and analysis
- Systems integration and automation
- Supports engineering inputs on organizational data protection and data loss prevention strategies
- Supports the delivery of secure data solutions to development teams and being deeply involved in the data protection capability delivery and implementation
- Drives continuous integration and deployment of data security solutions
- Serves as liaison to data teams in ISO and IT, supporting technology architecture, security advisement and security governance teams
- Supports data tagging, classification, and creating custom analytics for data security.
- Collaborates with analysts and IT to improve IDS/IPS functions
- Serves as a liaison between the Corporate, IT and business end-users in relation to data governance and management
- Engages business areas and help to identify, classify and prioritize key data elements for protection
- Collaborates with subject matter experts and other stakeholders to foster a culture of security within the enterprise.
- Identifies and/or promotes best practices, standards, and methodologies to assist in the execution and implementation of Data Security Governance.
- Team-oriented and promotes execution and change through influence
- Articulates information security risk into business terms
- May advise PM’s leading projects for Data Security and Protection related initiatives including ensuring delivery of business requirements and provide analysis and solutions for potential problems.
-
Performs other related duties as assigned.
PHYSICAL DEMANDS AND WORKING CONDITIONS:
- The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Little to no travel is expected for this position.
SUPERVISION:
- None
EDUCATION AND REQUIRED CREDENTIALS:
- Bachelor’s Degree or an equivalent combination of education and experience
EXPERIENCE AND REQUIRED SKILLS:
- 1 – 2 years’ related experience or an equivalent combination of education and experience.
- Knowledge and experience on how databases interact with applications, infrastructure, and network
- Knowledge of DLP architecture, system policies, rules, etc.
- Knowledge and experiences with data protection concepts such as encryption, obfuscation, entitlement, access controls, user management, user and application authentication and authorization, security monitoring, and others
- Demonstrable experience implementing tools and systems for enterprise-level DLP, DAM, Encryption/Tokenization, and Data Discovery
- Experience with both host-centric and network-centric DLP software and CASB solutions; Azure, Netksope, Digital Guardian, and Symantec experience preferred
- Ability to identify & research potential risk areas for data leakage exposures
- Ability to extract, analyze, and correlate data from multiple disparate systems and present an accurate representation of the facts related to an event
- Experience in working with and gaining the trust of associates and business stakeholders
- Knowledge and expertise on a vast array of hardware, network, and software, and cloud platforms
- Understanding of information security regulations, including Federal Information Security Management Act (FISMA), Service Organization Control 2 (SOC 2), Federal Information Processing Standard (FIPS), National Institute of Standards and Technology (NIST), IS0 27000 series, HITRUST, Cloud Security Alliance (CSA) and various other laws and regulations including Executive Orders a plus
- CISSP, CASP, Security+, or other technical certification(s) a plus
- Able to self-start and lead cross functional teams and deliver results with minimal supervision.
- Working knowledge of Scripting languages a plus
- Experience with IDS/IPS and passive/active exploitation a plus
- Experience with SIEM solutions a plus
EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity
Fresenius Medical Care North America maintains a drug-free workplace in accordance with applicable federal and state laws.
Submit CV To All Data Science Job Consultants Across United States For Free
