×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security Security Manager

Principal of Access and Data Security SME

Job in Chicago, Cook County, Illinois, 60602, USA
Listing for: Early Warning Services, LLC
Full Time position
Listed on 2026-06-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, Security Manager
Job Description & How to Apply Below
At Early Warning, we've powered and protected the U.S. financial system for over thirty years with cutting-edge solutions like Zelle, Paze℠, and so much more. As a trusted name in payments, we partner with thousands of institutions to increase access to financial services and protect transactions for hundreds of millions of consumers and small businesses.

Positions located in Scottsdale, San Francisco, Chicago, or New York follow a hybrid work model to allow for a more collaborative working environment.

Candidates responding to this posting must independently possess the eligibility to work in the United States, for any employer, at the date of hire. This position is ineligible for employment Visa sponsorship.

Overall

Purpose:

The Principal of Access Control & Data Security Oversight is responsible for ensuring the organization's Access Control and Data Security programs are effective, risk-aligned, and defensible-through independent challenge, governance, and validation.

This role provides independent risk-based governance within a Three Lines of Defense (3

LOD) model, ensuring access management and data protection practices are effective, measurable, and aligned to risk appetite and regulatory expectations. The position partners closely with engineering, identity, data, and application teams, acting as a credible challenger-not an operator. This role will support the Cybersecurity and Technology Risk Management team within the Second Line of Defense (2

LOD) and report directly to the 2

LOD VP of Information Security Risk.

Essential Functions:

Data Security

* Provide independent challenge and oversight of data protection practices across enterprise environments.

* Define and maintain policies, standards, and controls for data classification, encryption, retention, and handling.

* Challenge control validation and effectiveness testing of data security controls, including DLP and encryption.

* Assess and challenge data access, data sharing, and data lifecycle decisions.

* Deliver risk-based reporting on data exposure, control gaps, and trends.

* Provide oversight of data security tooling to ensure coverage, configuration, and data integrity.

Access Control

* Provide independent challenge and oversight of Identity and Access Management (IAM) and Privileged Access Management (PAM) programs.

* Define and maintain policies, standards, and controls for authentication, authorization, and access governance.

* Challenge control validation of provisioning, deprovisioning, access reviews, and segregation of duties (SoD).

* Assess and challenge access decisions, entitlements, and privilege escalation risks.

* Deliver reporting on access risks, excessive privileges, and control weaknesses.

* Provide oversight of IAM/PAM tooling to ensure effectiveness and integrity.

Minimum Qualifications:

Data Security

* Deep expertise in data security domains including encryption, tokenization, masking, and DLP.

* Experience with data classification frameworks and data lifecycle management.

* Strong understanding of data architectures across cloud, on-prem, and hybrid environments.

* Ability to translate data risk into business impact and regulatory implications.

Access Control

* Deep expertise in IAM, PAM, and access governance models.

* Experience with identity systems, federation, and modern authentication (e.g., SSO, MFA, Zero Trust).

* Strong understanding of least privilege, role-based and attribute-based access control models.

* Ability to assess and communicate access-related risks at scale.

General Qualifications

* 15+ years of IT experience with 8+ years in Information Security.

* Experience operating in a Three Lines of Defense model and/or regulated environment (financial services preferred).

* Ability to translate technical findings into business risk and executive-level insights.

* Experience in fintech or highly regulated industries.

* Familiarity with regulatory expectations for data protection and access control.

* Background in risk management, audit, or control validation.

* Background and drug screen

The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search