Information Security Specialist II/Data Security-Data Loss Prevention
Listed on 2026-07-08
-
IT/Tech
Information Security, Cybersecurity, Data Security, IT Consultant
Job Description
The position partners closely with cybersecurity teams, business units, privacy, legal, compliance, audit, and technology organizations to identify, assess, monitor, and reduce data-related risks across cloud, SaaS, endpoint, collaboration, and on-premises environments while enabling business objectives and regulatory compliance. The position also will be critical to review and update our Security posture from a Data Security and Data Loss Prevention as we expand our AI build and capabilities.
The Information Security Specialist II – Data Security (DSPM & Data Loss Prevention) serves as a senior subject matter expert responsible for the design, implementation, governance, and continuous improvement of the enterprise Data Security Program. This role provides strategic and technical leadership for Data Security Posture Management (DSPM), Data Loss Prevention (DLP), Data Classification, Information and Data Protection, Insider Risk Monitoring, and Sensitive Data and AI governance initiatives.
Required Experience:
Experience administering or supporting Data Loss Prevention (DLP), Data Security Posture Management (DSPM), Data Classification, or Information Protection programs. Experience conducting risk assessments, investigations, compliance reviews, and security consulting activities. Strong understanding of cloud technologies, information lifecycle management, and data protection principles.
Preferred Experience:
Microsoft Purview Information Protection and DLP Cyera DSPM or equivalent DSPM technologies Broadcom/Symantec Endpoint DLP Proofpoint DLP Zscaler DLP Data Classification and Labeling Solutions Insider Risk Management Cloud Security and SaaS Security Healthcare data protection and regulatory compliance Other Preferred Certifications
CISM HCISPP CDPSE CCSK GIAC Information Security Certifications Microsoft Security Certifications
Oversee planning, execution and management of multi-faceted projects/programs for multiple functional areas across the enterprise related to risk management, compliance, control assurance, and infrastructure/information asset protection. Develop and drive security strategies, policies/standards, ensuring the effectiveness of solutions for critical and/or highly complex projects, and providing security-consultative services to the organization.
- Provide strategic and tactical direction and consultation on information security and compliance.
- Participate in security planning and analyst activities. Work in combination with IT Delivery Lead/Manager to ensure security is engaged in projects.
- Act as primary support contact for the development of secure applications and processes. Provide objective evaluations of security controls, mechanisms and goals in comparison to best practices. Develop, refine and implement enterprise-wide security policies, procedures, and standards across multiple platform and application environments to meet compliance responsibilities. Ensure policies, procedures, standards and system configurations are documented and tracked. Monitor the legal and regulatory environment for development.
Recommend, manage, and implement required changes to information security policies and procedures. Monitor compliance with security policies, standards, guidelines and procedures. - Develop processes and procedures for the information security governance program, including control document reviews, participant assessment preparation, meeting coordination, assessment finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting and escalation.
- Ensure security compliance with legal and regulatory standards. Engage directly with the business to gather a full understanding of project scope and business requirements.. Provide security-related guidance on business process. Work closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls.
- Work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. Participate in the development and maintenance of a global risk framework (a single view of the company's risk profiles and tolerance.). Capture, maintain, and monitor information security risk in one repository.
Serve as a subject matter expert (SME) for performing vendor risk assessments to improve overall vendor risk program. - Assess threats and vulnerabilities regarding information assets and recommend the appropriate information security controls and measures. Develop and implement strategies to align information security with business objectives and goals, protecting the integrity, confidentiality and availability of data.
- Assist/perform in security assessments and performs security attestations. Participate in security…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).