Information Security Opportunity in Financial Services
Senior Data Protection Engineer
Location(s): 20 E Thomas Road, Phoenix, AZ 85012
**Remote candidates will be considered
Advisor Group is looking to add a Sr. Data Protection Engineer to our growing InfoSec team. Our selected candidate will assist with the monitoring of all Data Loss Prevention/Protection events, completing initial investigations, and escalating all necessary events to appropriate incident teams once determined as a true incident. The Analyst must be able to identify potential data leaks and determine if information constitutes a violation of any company policies related to Personal Identifiable Information (PII) or Intellectual Property (IP). The position supports the firm's data protection program by documenting and analyzing existing data systems, data threats and vulnerabilities.
Why Advisor Group
- Competitive salary and annual bonus paid based on performance
- Generous time off package, including paid time off, paid holidays, and paid time to volunteer in the community
- Immediate access to extensive benefits package that includes medical, dental and vision coverage, basic life insurance, long and short-term disability coverage and much more
- 401(k) match from day one of employment
- Referral bonuses if we hire your referred applicants to our open positions
- An enriching and engaging career in financial services - our employees overwhelmingly report that they find meaning and purpose in their day to day work
- Executive leader access and interaction in all our locations due to flat structure, open office environments, town halls and speed mentoring events
- New, professional, and collaborative working environment where parking is provided
- Document enterprise data at rest and in-use, including data locations, physical and logical data flows.
- Analyze normal data usage patterns, including business process analysis, user behavior analysis, and user personas.
- Analyze existing data-loss threats and vulnerabilities
- Assist with the implementation of a framework for classifying sensitive data.
- Assist with the formulation, promulgation, and enforcement of data loss prevention policies, including data use, access control, data encryption and obfuscation policies.
- Assist with the selection, implementation, and usage of data loss prevention tools, including data classification and DLP
- Participate in the ongoing monitoring of potential data loss.
- Support and participate in the security incident response team.
- Analyze potential data-loss breaches to determine their impact and root cause.
- All other duties as assigned
- Bachelor's degree in Information Technology or related field is preferred. High school diploma (or equivalent) in combination with 5+ years of technical experience in an information security role will be considered. Minimum of high school diploma or equivalent is required.
- 3+ years' experience and hands on knowledge with Data Loss Prevention security controls and tools (e.g Symantec DLP, Splunk, Bluecoat, CASB, etc.)
- Industry certifications such as Security+, SSCP, GSEC, CISSP or related
- Hands on experience with an incident management tool
- Ability to navigate and work effectively across a complex organization.
- Triage analyst experience
- Knowledge of endpoint protection technology and loss protection strategies.
- Identify potential data leaks and determine if information constitutes a violation of any company policies related to Personal Identifiable Information (PII) or Intellectual Property (IP)
- Evaluate DLP events, eliminate 'white noise' events (no action), and determine if a violation of corporate data policies has occurred
- Escalates events according to the Data Loss Prevention triage workflow process
- Identification of root cause in partnership with peer groups on remediation of control gaps/failure
- Knowledge of, and experience with cloud-based information systems (e.g. Microsoft Azure/Office 365, Salesforce, SharePoint, Box)
- Experience performing, interpreting, and reporting vulnerability assessments
- Knowledge of computer networking and network-based information assurance devices