Opening for Data SecurityEngineer/Enterprise Architect/Incident Manager/security Engineer-TX-HYBRID
Role: Information Security and Compliance Engineer
Location: Dallas, TX (Hybrid)
Duration: 12+ Months
Job Summary:
We are currently seeking technical professionals with recent, strong Data Security and Compliance experience. This role will be instrumental to the success of our digital transformational efforts in the Data Engineering and Platforms space.
Position Description:
As a Sr. Data Security and Compliance Engineer, you will be part of a highly collaborative team and work environment that delivers cutting-edge data platforms and solutions at McKesson. The Security Compliance Engineer for Data Platforms is responsible for ensuring the security and compliance of data platforms within McKesson. This role involves implementing and maintaining security controls, policies, and procedures to protect data platforms from potential threats and vulnerabilities. The Security Compliance Engineer will collaborate with cross-functional teams to assess risks, monitor security incidents, and ensure compliance with industry standards and regulations. The role will also contribute to the development of security strategies and provide guidance to stakeholders on security best practices.
Responsibilities:
1. Security Controls Implementation: Implement and maintain security controls across Snowflake data platform and Data Ingestion platforms including access controls, encryption, network security, and vulnerability management.
2. Compliance Management: Monitor and ensure compliance with relevant industry standards, regulations (e.g., SOX, GDPR, HIPAA), and internal security policies.
3. Risk Assessment: Conduct risk assessments on data platforms to identify potential vulnerabilities and threats. Provide recommendations and implement remediation measures to mitigate risks.
4. Incident Response: Collaborate with incident response teams to investigate and respond to security incidents related to data platforms. Develop incident response plans and participate in incident response exercises.
5. Security Audits and Assessments: Participate in security audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement. Address findings and implement necessary changes. Will work with Internal and external auditors to provide evidence required for compliance.
6. Security Awareness and Training: Develop and deliver security awareness and training programs to educate employees on data platform security best practices.
7. Documentation and Reporting: Maintain accurate documentation of security controls, policies, and procedures. Generate reports on security metrics, compliance status, and incidents for management and stakeholders.
8. Security Strategy: Contribute to the development and execution of the organization & data platform security strategy. Stay updated on emerging threats and security technologies to recommend improvements.
9. Conduct regular security audits and participate in SOX compliance audits, providing reports and recommendations for enhancements.
Requirements:
1. Education: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CISA, or CISM are desirable.
2. Experience: 7+ years of prior experience in information security, compliance, or a related role. Familiarity with data platforms – Snowflake, Delta Lake, cloud computing, and security technologies is preferred. Hands-on Experience with SnowSQL, Snowpipe and Notebooks is desirable.
3. Knowledge: Strong understanding of security controls, risk assessment methodologies, and compliance frameworks (SOX, GDPR and general ITGC controls).
Knowledge of data protection laws and regulations is essential.
4. Technical Skills: Proficiency in implementing and managing security controls within data platforms. Familiarity with Role Based and Fine-Grained Access Controls, security tools, vulnerability scanning, and log management systems.
5. Analytical Skills: Ability to assess risks, analyze security incidents, and provide recommendations for improvement. Strong problem-solving skills to address security challenges.
6. Communication: Excellent written and verbal communication skills. Ability to collaborate with cross-functional teams, Internal / External auditors and effectively communicate complex security concepts to technical and non-technical stakeholders.
7. Attention to Detail: Strong attention to detail to ensure accurate documentation and compliance with security standards.
8. Continuous Learning: Proactive approach to stay updated on emerging security threats, technologies, and industry best practices.
The Senior Compliance Engineer for Data Platforms plays a critical role in safeguarding the confidentiality, integrity, and availability of data within an organization. They ensure compliance with regulatory requirements and industry standards while implementing robust security controls to protect data platforms against evolving threats.
Thivya Jothi
US IT Recruiter | Techorbit
1300 W Walnut Hill Lane, Suite# 260, Irving, TX 75038
E-Mail: jothi@techorbit.com || Contact: 469-9235803
You received this message because you are subscribed to the Google Groups "Thivya Jothi" group.
To unsubscribe from this group and stop receiving emails from it, send an email to thivyajothi284+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/thivyajothi284/CALXtW0v0TqTcwdJBhUZ5E8Fvq3hyfdeSTFxZ1nrtizLsTZBzYA%40mail.gmail.com.
Comments
Post a Comment
Thanks