Data Protection – Security Architect
Description
We are searching for experienced leader who can define and operationalize data protection & privacy controls across the organization to reduce the risk of data loss and deepen EIP’s oversight of data use. As an Architect you will be responsible for the enterprise data protection’s technical oversight on architecture and design of related security tools, data protection assessments and maturity roadmap. You will work closely with all areas of Enterprise Information Protection (EIP)’s, business units, and strategic partners, and vendors to ensure data protection initiatives and operations are in line with policies, standards and applicable controls. You will support project teams to recommend technology and control alignments reviewed by EIP and that applicable security controls are properly incorporated.
Responsibilities
This cross functional enterprise role will be responsible for designing and architecting data protection tools and technologies by partnering with Humana’s business, engineering and other EIP functions. This is a high visibility role where you will be serve as a key EIP partner to Humana’s business and engineering teams to design data security strategies to minimize risks and increase compliance.
Responsibilities:
Define and own architecture & design of data protection technologies for the enterprise
Deepen adoption of data protection controls and oversight by developing partnerships within and outside of EIP
Define and advise on security best practices & implement routinized processes in the areas of data protection and privacy
Serve as a key resource for data protection & privacy focused assessments, design reviews and controls
Serve as the product manager of data protection technologies aligning requirements and risks with capabilities
Influence adoption and prioritization of policies and standards within engineering and business roadmaps
Develop strong partnership cross functionally with EIP, Data Governance and engineering teams
Identify & maintain policies and standards to drive privacy compliance
Contribute to the development of secure data strategy
Develop metrics for DLP adoption across the enterprise
Advise on internal and external staffing needs
Contribute to the market survey and product selection for data protection tools and capabilities
Required Qualifications
Bachelor's Degree in Computer Science, Information Technology or related technical degree plan
10+ years of experience in architecture, design and implementation of security tools
Experience in Data Loss Prevention, Data Encryption (in-transit and at-rest), Network Security and database platforms
CISSP, CISM or equivalent, Cloud Architecture / Cloud Security Certifications (AWS, Azure, GCP), Cloud Security Alliance (CCSP, CCSK)
Experience building cross functional relationships for delivery of security programs
Strong background in data loss prevention and insider threat related incident response procedures
Solid knowledge and understanding of systems development life cycle (SDLC), security regulations and best practices such as PCI DSS, SOX, HIPAA, GDPR and the ISO 27000 family of standards
Proven expertise translating business requirements into architectural deliverables and technical specifications
Ability to clearly explain complex ideas and technologies to technical & non-technical audiences
Knowledge of the Mitre ATT&CK framework, NIST Cyber Security Framework, familiarity with common security controls in the enterprise (Firewall, Proxy, AV, SIEM, etc.)
Preferred Qualifications
Master’s Degree in Computer Science, Information Technology or related technical degree plan
Exposure to Cyber Security Operations
Enter #cloud to pull up list of cloud focused roles