Description

We are searching for experienced leader who can define and operationalize data protection & privacy controls across the organization to reduce the risk of data loss and deepen EIP’s oversight of data use. As an Architect you will be responsible for the enterprise data protection’s technical oversight on architecture and design of related security tools, data protection assessments and maturity roadmap. You will work closely with all areas of Enterprise Information Protection (EIP)’s, business units, and strategic partners, and vendors to ensure data protection initiatives and operations are in line with policies, standards and applicable controls. You will support project teams to recommend technology and control alignments reviewed by EIP and that applicable security controls are properly incorporated.

Responsibilities

This cross functional enterprise role will be responsible for designing and architecting data protection tools and technologies by partnering with Humana’s business, engineering and other EIP functions. This is a high visibility role where you will be serve as a key EIP partner to Humana’s business and engineering teams to design data security strategies to minimize risks and increase compliance. 

Responsibilities:

• Define and own architecture & design of data protection technologies for the enterprise 

• Deepen adoption of data protection controls and oversight by developing partnerships within and outside of EIP 

• Define and advise on security best practices & implement routinized processes in the areas of data protection and privacy 

• Serve as a key resource for data protection & privacy focused assessments, design reviews and controls 

• Serve as the product manager of data protection technologies aligning requirements and risks with capabilities 

• Influence adoption and prioritization of policies and standards within engineering and business roadmaps

• Develop strong partnership cross functionally with EIP, Data Governance and engineering teams 

• Identify & maintain policies and standards to drive privacy compliance 

• Contribute to the development of secure data strategy 

• Develop metrics for DLP adoption across the enterprise

• Advise on internal and external staffing needs 

• Contribute to the market survey and product selection for data protection tools and capabilities

Required Qualifications

• Bachelor's Degree in Computer Science, Information Technology or related technical degree plan

• 10+ years of experience in architecture, design and implementation of security tools

• Experience in Data Loss Prevention, Data Encryption (in-transit and at-rest), Network Security and database platforms

• CISSP, CISM or equivalent, Cloud Architecture / Cloud Security Certifications (AWS, Azure, GCP), Cloud Security Alliance (CCSP, CCSK)

• Experience building cross functional relationships for delivery of security programs

• Strong background in data loss prevention and insider threat related incident response procedures

• Solid knowledge and understanding of systems development life cycle (SDLC), security regulations and best practices such as PCI DSS, SOX, HIPAA, GDPR and the ISO 27000 family of standards

• Proven expertise translating business requirements into architectural deliverables and technical specifications

• Ability to clearly explain complex ideas and technologies to technical & non-technical audiences

• Knowledge of the Mitre ATT&CK framework, NIST Cyber Security Framework, familiarity with common security controls in the enterprise (Firewall, Proxy, AV, SIEM, etc.)

Preferred Qualifications

• Master’s Degree in Computer Science, Information Technology or related technical degree plan

• Exposure to Cyber Security Operations

Enter #cloud to pull up list of cloud focused roles