Understanding of encryption, authentication, and access management best practices.
Knowledge of cloud security for databases in cloud environments.
Proven track record of driving and enforcing a data classification program.
Excellent organizational, communication, and leadership skills.
Ability to manage complex data protection initiatives and work across multiple teams.
Strong knowledge of security concepts, including risk management, identity and access management (IAM), key management, data protection, and network security.
Experience with compliance and privacy frameworks (e.g., CCPA, GDPR, ISO 27001, SOC 2)
Experience with data mapping and management tools such as Airbyte, DBT, Looker
Certifications such as CISM, CISSP, or CRISC
Familiarity with cloud security components of platforms like AWS, GCP, or Azure.
Ability to handle high-stress situations and effectively manage IT emergencies.
Excellent problem-solving, analytical, and communication skills.
A passion for mentoring others.
Responsibilities:
Develop and enforce security policies for databases, including implementing access controls, authentication, and encryption.
Configure firewalls and network security for database protection.
Use SIEM tools (e.g., Splunk, ELK, Microsoft Sentinel) to monitor for data security incidents.
Investigate database anomalies and respond to threats, performing forensic analysis in case of security breaches.
Conduct security audits and risk assessments for databases, identifying and remediating database vulnerabilities, and ensuring regular patching and updating of database technologies.
Enforce least privilege access and conduct regular access reviews.
Ensure compliance with SOC 2, GDPR, PCI-DSS, and ISO 27001 regulations.
Implement Data Loss Prevention (DLP) solutions.
Develop strategies for secure data backups and recovery.
Monitor and prevent unauthorized data exfiltration.