GEICO

Senior Staff Engineer - Cybersecurity Data Protection Engineer, Remote

GEICO

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Salary

💰 $115,000 - $260,000 per year

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud PlatformJava.NETPython

About the role

  • Lead data protection program: identify, assess, and mitigate vulnerabilities; conduct regular data risk assessments; monitor the effectiveness of the implemented security measures.\n
  • Develop and implement data protection strategies and initiatives, including classification and handling, data access controls, inventory, encryption, and retention.\n
  • Enforce data protection policies and respond to regulatory requirements.\n
  • Develop and maintain data security policies, procedures, standards, and ensure they are followed by the entire organization.\n
  • Create and maintain data inventories and data flows, and manage data sharing controls.\n
  • Drive the design and implementation of data access controls, ensuring only authorized access to sensitive data.\n
  • Co-develop and implement data retention policy and procedures, ensure compliance with internal policy and external regulations.\n
  • Enforce data encryption standards and strategies to secure data at rest and in transit.\n
  • Lead incident response efforts related to data breach and work with stakeholders to mitigate impact.\n
  • Lead and conduct regular data risk assessments to identify potential vulnerabilities and threats to the organization's data and information systems.\n
  • Stay abreast of new developments in the field of cybersecurity and ensure that the organization's risk assessment and data security processes are aligned with industry standards and best practices.\n
  • Act as an expert and mentor for other data protection engineers in the organization, providing guidance and support on data protection methodologies, techniques, and best practices.\n
  • Manage and supervise the work of other data protection engineers, including reviewing and approving their work when needed.\n
  • Represent the organization in external meetings and interactions with clients, stakeholders, and other industry experts.

Requirements

  • Proven experience with data discovery, classification, handling, access, inventory, and retention.\n
  • Proven experience with data protection technologies, such as encryption, tokenization and data loss prevention tools.\n
  • Familiar with programming languages such as Python, Java, or .NET.\n
  • Experience with designing and implementing data security solutions for enterprise environments.\n
  • Experience in managing and supervising other Data Protection Engineers.\n
  • Experience in developing and managing data protection programs focused on data discovery, data inventory, data risk assessments, and encryption for both structured and unstructured data.\n
  • Strong knowledge of cybersecurity laws, regulations, and best practices.\n
  • Knowledge of data security frameworks, standards, and protocols.\n
  • Strong understanding of data privacy laws and regulations (i.e. NYDFS, PCI, etc.).\n
  • Strong analytical and problem-solving skills.\n
  • Excellent communication and presentation skills to effectively communicate with management and other stakeholders.\n
  • Ability to excel in fast-paced, startup-like environment.\n
  • Experience: 7+ years of experience in cybersecurity, with focus on data protection and privacy; 4+ years of experience in open-source frameworks; 3+ years of experience with architecture and design; 3+ years of experience with AWS, GCP, Azure, or another cloud service.