Cognizant Technology Solutions GDPR Data Protection Manager in Teaneck, New Jersey
Manager, GDPR Data Protection
7 years of relevant experience
Location: USA. Fully Remote with eventual 20% travel.
Description of Organization
Cognizant Corporate Security, a key organization within Cognizant Technology Solutions, is chartered with managing and directing the global enterprise physical and logical security programs. The Corporate Security organization is responsible for the oversight and coordination of security efforts across the company, including information technology, human resources, communications, legal, facilities management and various other groups, and is responsible for identifying security initiatives and standards. Corporate Security drives security compliance and serves as the key organization responsible with helping the business appropriately manage security risks.
Cognizant Corporate Security is seeking a dynamic, self-motivated and forward thinking individual who can work independently as well as lead a team of security professionals that are focused on implementing security controls related to data protection & privacy.
The individual will be accountable to
Architect/design, implement, operate and manage data protection technologies and related security solutions/platforms.
Provide recommendations on technical controls that support protection of sensitive/PII throughout data lifecycle.
Develop and publish secure data architecture designs that focus on protection of data across on premise and cloud environments.
2-3 years of managing a team of security experts focused on implementing data protection controls and operating related technologies (e.g. centralized key management solution)
3-4 years of Experience in increasing responsibility in designing and reviewing secure architectures, frameworks, application design patterns, and security best practices.
Proven expert knowledge of data protection technologies and enterprise scale deployment.
Demonstrated knowledge of data at rest, data in transit, data in use encryption techniques and methods.
Knowledge of encryption technologies across private and public cloud as well as common vendors and third-party products that provide encryption, tokenization and/or data protection solutions.
Ready to join in short notice (within 30 days is highly preferred).
Formal Education and Security Certifications
Four-year university degree in computer science, or computer engineering.
8 years equivalent work experience related to security architecture and enterprise scale control design and implementation.
Certification in Certified Information Privacy Professional (CIPP/US or CIPP/E, or equivalent), Certified Information Privacy Manager (CIPM), Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
Deploy and manage operations of enterprise key vault solutions, such as, Vormetric key management platform, Azure key vault, etc.
Familiarity with GDPR privacy regulation and related security controls would be an advantage.
Implement data-at-rest encryption for well-known databases, such as, Oracle, MS SQL, Sybase, MongoDB, Azure SQL MI, etc. using native database features and/or third party solutions.
Implement data-at-rest encryption across a variety of data stores, data warehouse technologies, etc. both on-premise and on-cloud.
Implement advanced encryption techniques, such as, application level encryption, tokenization or Pseudonymisation to minimize internal threat exposure.
Conduct risk assessments covering end-to-end dataflow of applications/web services/API, etc. to uncover weaknesses in data communications and channel security and ensure adequate data-in-transit protection controls are implemented.
Assist in operationalizing data masking solutions and in defining data masking standards/guidelines catering to world-wide sensitive/PII data elements.
Implement and maintain database activity monitoring solutions (DAM) to monitor activities of highly privileged users and systems.
Execute complex security implementation projects with high volume/demand and able to prioritize and execute tasks in a high-pressure environment.
Experience and working understanding of common cyber security solutions, such as: security information and event management (SIEM), data leakage prevention (DLP), identity and access management (IAM), role-based access control (RBAC), database activity monitoring (DAM), privileged identity management (PIM), privileged access management (PAM), file integrity monitoring (FIM), unstructured data classification and protection, etc.
Develop, review, and update new and existing documentation, security policies, technical and security standards and Author technical data protection standards relating to cryptography methods and encryption solutions as needed.
Provide thought leadership as it pertains to data protection technologies, architectures, and provide a forward-looking view into trends that relate to controls, algorithms, and methods.
Serve as the SME and go-to individual for all data protection, masking, encryption, obfuscation, tokenization efforts across Cognizant developed applications, services, and environments.
Leadership & Delivery Execution
Communication - Convey information related to security risks and impact to business in a convincing and engaging manner through a variety of effective methods.
Strategy Development - Develop plans by exploring and systematically evaluating opportunities with the greatest potential for producing positive results; ensures successful preparation and execution of plans through effective planning, organizing,
Please click the link below to view the rest of the job on our career site.
Equal Opportunity Employer-minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity