Security Engineer - CISSP/CISM/CISA

Responsibilities :

- Data Confidentiality Strategy & Design: Develop and implement a comprehensive data confidentiality protection strategy aligned with business objectives, regulatory requirements (e.g., GDPR, CCPA, HIPAA), and industry best practices.

- Data Discovery & Classification: Lead data discovery and classification efforts to identify sensitive data across various systems and repositories.

- Data Loss Prevention (DLP): Design, implement, and manage DLP solutions to prevent unauthorized disclosure of sensitive data.

- Encryption & Key Management: Implement and manage encryption solutions for data at rest and in transit, ensuring proper key management practices.

- Access Control & Authorization: Define and enforce access control policies and procedures to restrict access to sensitive data based on the principle of least privilege.

- Data Masking & Anonymization: Implement data masking and anonymization techniques to protect sensitive data in non-production environments.

- Data Governance & Compliance: Collaborate with data governance and compliance teams to ensure data confidentiality protection measures are aligned with policies and regulations.

- Incident Response: Participate in incident response activities related to data breaches and confidentiality incidents.

- Security Awareness Training: Develop and deliver security awareness training programs to educate employees on data confidentiality best practices.

- Technology Evaluation & Implementation: Evaluate and recommend data confidentiality protection technologies and solutions.

- Monitoring & Reporting: Monitor data confidentiality protection controls and generate reports on key metrics.

- Documentation: Create and maintain documentation related to data confidentiality protection policies, procedures, and solutions.

- Collaboration: Work closely with other security professionals, IT teams, and business stakeholders to ensure a holistic approach to data confidentiality protection.

- Stay Updated: Keep abreast of the latest data confidentiality protection threats, technologies, and regulations.

- Strong understanding of data confidentiality protection principles and best practices.

- Experience with data loss prevention (DLP) solutions (e.g., Symantec DLP, Forcepoint DLP, McAfee DLP).

- Experience with encryption technologies and key management systems.

- Experience with data masking and anonymization techniques.

- Familiarity with data governance and compliance frameworks (e.g., GDPR, CCPA, HIPAA).

- Knowledge of access control and authorization mechanisms.

- Experience with security information and event management (SIEM) systems.

- Understanding of cloud security principles and practices.

Certifications (Preferred) : CISSP, CISM, CISA, or other relevant security certifications.

Soft Skills :

- Excellent communication and interpersonal skills.

- Strong analytical and problem-solving skills.

- Ability to work independently and as part of a team.

- Ability to manage multiple tasks and priorities.

- Strong attention to detail.