Data Security Architect - Temp

Overview

JOB DESCRIPTION – Data Security Architect

Gallagher is a global leader in insurance, risk management and consulting services. This is a Temp-To-Hire, W-2 position. It is a fully remote role and must be based in the United States. You must meet U.S. eligibility requirements for work authorization as noted at the bottom of the job description.

Position Summary
: DLP Security Architect will serve as a key technical resource in the Global Cyber and Information Security (GCIS) organization. This role will be responsible for further developing and maturing the DLP security architecture approach, working with internal and external resources to recommend data governance, categorization and labelling standards. The role will stay current on DLP best practices and provide direction for DLP technical specifications for security and technology initiatives.

This role will work closely with other Information Security colleagues, IT & Infrastructure, and Business teams globally to provide DLP security architecture guidance and recommendations. The incumbent will take a leadership role and influence DLP security architecture by example and clearly articulating objectives.

Key Responsibilities
:

• Define and create DLP security architectural policy standards, governance artifacts, labelling design patterns and technical specification control documents for the enterprise.
• Assess, monitor and recommend DLP suite improvements and best practices for the current state global security architecture to improve security posture, mitigate risks and balance costs.
• Work closely with enterprise architecture and security engineering teams to ensure Purview suite of products are securely configured and aligned with the M365 enterprise product suite.
• Provide roadmap and recommendations for strategic and tactical DLP toolset.
• Oversee and consult with project teams to ensure requirements, policy implementation and toolset adhere to DLP security design patterns and best practices.
• Design, collaborate and provide DLP security architecture recommendations for data in all states that balance business requirements with information security needs for internal and vendor solutions.
• Proactively identify technical and architectural risks for current or proposed state, commenting and/or providing DLP suite alternatives for consideration that will improve capabilities. Champion and present recommendations to obtain approval to implement DLP controls.
• Participate in security technology evaluations, proof-of-concept testing and provide in-depth analysis of proposed solutions to provide DLP security architecture risk assessments.
• Collaborate with key security stakeholders in SOC and Compliance to develop policies and SOPs to define, respond and report on DLP capabilities and incidents efficiently.
• Provide DLP governance recommendations that scale and are flexible to enable continuous improvement, adhere to industry standards, regulatory, geographical and internal policies and standards.
• Provide feedback as requested to support DLP risk mitigation and governance activities.
• Enable architectural leadership within engaged forums and projects, serving as a guide by example for collaboration, thought leadership and expertise in DLP security architecture.

Required
:

• Bachelor's degree or equivalent in Computer Science or related field
• Minimum 5+ years working with DLP, specifically Microsoft Purview suite of products
• Minimum 3+ years of cybersecurity experience
• Minimum 1+ years of experience reviewing detailed DLP solutions, providing architecture feedback to the application and infrastructure teams
• Experience with reviewing and developing DLP solution-enabled models
• 1+ years of experience working with AZURE DLP cloud solutions
• Strong knowledge and experience implementing DLP capabilities in Purview-enabled environments
• Hands-on experience with security settings in DLP environments to enable capabilities on endpoints, cloud and email
• Demonstrated experience in a regulated and globally distributed environment
• Knowledge of enterprise architecture frameworks such as TOGAF
• Knowledge of security standards frameworks (NIST CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR)
• Proven success recommending and implementing DLP security architecture best practices for large projects delivering or migrating to DLP solutions

Preferred
:

• At least one information security certification such as CISSP, CCSP, AWS Solutions Architect, AZURE Security
• Knowledge of multiple DLP vendor tools in various environments (endpoint, firewalls, email, database, cloud)
• Insurance and risk management domain knowledge desirable

Key Characteristics
:

• Strong communication skills — oral and written
• Self-starter with strong work ethic
• Flexible and resilient; able to handle various demands, planned and unplanned
• Proven ability to handle multiple tasks and projects simultaneously
• Problem solver with a pragmatic approach to delivering solutions
• Resilient and collaborative; motivated to proactively drive issues to…