Location: Washington, DC or Richmond, VA
Schedule: Hybrid (3 days onsite/2 days remote)
Glocomms is partnered with a top consumer information and analytics firm in the search for a Senior Data Security Engineer. As a senior member of the growing Data Protection team, you will spearhead the development and execution of data security strategies to protect sensitive information and systems. You'll also guide junior team members and ensure compliance with industry standards and regulations.
Overview of Responsibilities:
- Create, implement, and refine data security strategies, policies, and procedures to protect the organization's data assets.
- Manage and oversee the deployment of Microsoft Purview for data protection, loss prevention, and behavior analytics.
- Perform regular risk assessments to identify vulnerabilities and develop strategies to mitigate risks, working with cross-functional teams.
- Lead and manage data security incident response efforts, including detection, analysis, containment, eradication, and recovery.
- Review and enhance current data security architectures to improve protection, privacy, and regulatory compliance.
- Classify sensitive data and oversee the implementation and management of encryption technologies.
- Stay updated on data security regulations, standards, and compliance requirements, ensuring alignment with industry practices and legal obligations.
Key Qualifications:
- Bachelor's Degree in information security or a related technical discipline from an accredited institution.
- At least 1 year of experience with Microsoft Purview (or its predecessor).
- Minimum of 6 years in data security, focusing on risk assessment, incident response, and security architecture.
- Strong understanding of data security frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS).
- Excellent communication and interpersonal skills, with the ability to convey technical concepts to non-technical audiences.
- Proven leadership and mentoring experience.
- Experience with regulations like GDPR, PCI-DSS, HIPAA, or similar is a plus.
- Familiarity with cloud data security practices and technologies is beneficial.
- Certification such as Certified Information Systems Security Professional (CISSP) is preferred.
Interested candidates must be willing to work on-site Tuesdays, Wednesdays, and Thursdays if hired.
This is a full-time position; candidates seeking contract or C2C/C2H work will not be considered.
Unfortunately visa sponsorship is not available at this time.