Data Protection Program Consultant

Job Description

Seeking a senior Data Protection Consultant with the ability to come in and quickly hit the ground running to build roadmap and strategic frameworks for DLP, detection and response processes, data governance and data lifecycle management. Ideally candidates have the experience helping create roadmaps, collaborating with IT Security and Data teams and leaders. Candidate will drive risk mitigation improvements through various data protection reviews.

• Data Protection Process and Governance experience (not a hands‑on technical role)
• Roadmap/Strategic Framework creation experience – ideally for data protection & governance, DLP or data lifecycle management
• Control frameworks (Financial Services related) – FINRA, SEC, NYDFS, NIST CSF
• Familiarity with Microsoft 365 Data Protection
• Any Program/Project Management experience would be beneficial but not mandatory – agile experience a bonus as well

• Delivering Strategic Frameworks for end‑to‑end data protection and governance, including not only DLP technology but detection and response processes as well as data governance and data lifecycle management
• Delivering a roadmap by aligning data protection services with business goals, strategies, and priorities
• Delivering requirements for business solutions and remove organizational blockers
• Embedding Business Accountability
• Forging strong partnerships with specific planning and process teams to proactively review business strategies and complete risk‑based data protection reviews at the optimal time in the change cycle
• Increasing awareness of data protection obligations within the Organization
• Sharing data protection best practices
• Providing Assurance
• Delivering data protection insights tailored to the business
• Partnering to drive risk mitigation and improvements through various data protection reviews

• Bachelor’s degree in Information Technology or related field is preferred. High school diploma (or equivalent) in combination with 5+ years of technical experience in an information security role will be considered. Minimum of high school diploma or equivalent is required.

• 7 – 10 years of experience Data Protection, Compliance, or Privacy Professionals
• Experience in privacy, security, or compliance disciplines, with an understanding of enterprise compliance governance and oversight processes (information security standards, laws and regulations, privacy and security, risk management, control protocols, methodologies, and practices) to operationalize these controls with business leaders
• Familiarity with the Microsoft 365 Data Protection ecosystem
• Experience in designing and implementing end‑to‑end data protection, detection and response processes
• Data Governance, Privacy, or Information Security certifications such as CIPP, CISSP, CISA, CISM, IAPP, or CFE, etc.
• Familiarity with control frameworks and regulatory/compliance requirements, in particular those relevant to financial services (FINRA, SEC, NYDFS, NIST CSF)
• Excellent written and verbal communication skills with the ability to tailor communications based on audience
• Strong project management abilities, driving projects and deliverables, and measuring results

This candidate will be responsible for helping design and implement process and governance to the Data Protection Program. Candidates should be collaborative and have the ability to work within different groups in order to partner with security leaders to create strategic frameworks and roadmaps tied to Data Protection including not only DLP but detection and response processes as well as data governance and data lifecycle management.