Director Data Protection - Cryptography
Director Data Protection - Cryptography
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 97000 - 189000
1 Vacancy
Job Description
You have a clear vision of where your career can go. And we have the leadership to help you get there.At CNA we strive to create a culture in which people know they matter and are part of something important ensuring the abilities of all employees are used to their fullest potential.
Leadership position responsible for spearheading the implementation of data security controls for CNA. This position will focus on designing and implementing data protection and cryptography solutions. This position also has exposure to a range of Data Security technologies ranging from data at rest encryption data in transit encryption data obfuscation certificate management tokenization Digital Rights Management (DRM) Data Protection and Data Discovery across Structured Unstructured and Cloud.JOB DESCRIPTION:
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:
- Develops coordinates and is accountable for the Secure Data Strategy Embedding security into the overall approach and vision for data in an organization.
- Oversees Secure Data Integration Incorporating secure technological and business processes to align data from various sources.
- Data Protection Provides capabilities layered on top of data at rest in motion or in use to secure the contents from unauthorized access.
- Directs implementation of technical capabilities such as encryption and key management to enforce the movement or transmission of data.
- Data Security in the Cloud Implements technical capabilities to protect and secure data in the cloud and to protect and secure structured and unstructured database assets.
- Documents and advises on areas of security improvement that balances risk with business operations and do not diminish efficiencies or innovation.
- Develops and maintains relationships with key stakeholders in the app dev infrastructure space to ensure smooth functioning of the Data Security Program
- Interlocks with other areas of the information security (e.g. Security Technology and Security Operations) to ensure endtoend functioning of Data Security Services.
May perform additional duties as assigned.
Reporting Relationship
Typically AVP or above
Skills Knowledge & Abilities
- Expert level knowledge of data security concepts.
- Proven ability to effectively lead coach and develop a data security group.
- Strong knowledge of the insurance industry its products and services.
- Strong knowledge of data security technical solutions (e.g. classification inventorying data discovery encryption tokenization key management).
- Expert knowledge of traditional and modern cloud data solutions.
- Ability to assess risks in line with information security objectives and risk tolerance of the institution.
- Proven conceptual analytical and evaluation skills.
- Excellent interpersonal verbal presentation and written communication skills with the ability to effectively interact with internal and external business partners.
- Ability to work well independently under pressure and to meet tight deadlines.
- Excellent project management skills with ability to organize prioritize and plan effectively to meet project goals.
- Expert knowledge of privacy/data standards and regulations local domestic and global (State Level Data Protection ISO GAPP NIST 800 53 HIPPA HiTrust Privacy by Design GDPR EU Data Protection Directives CCPA APEC Privacy Framework.
Education & Experience
- Bachelors Degree with Masters preferred in Computer Science or related discipline or equivalent.
- Typically a minimum of ten years of IT Security experience preferably with recent cloud security experience.
- Typically a minimum of five years of security architecture experience designing and implementing data security solutionsinvolving data encryption.
- Typically a minimum of five years of experience assessing or building programs in data protection: data encryption (FPE) tokenization masking and key management
- Typically a minimum of three years in asset and data discovery tooling (e.g. ServiceNow Varonis Netwrix)
- Typically a minimum of five years of experience in data encryption solutions within cloud environments (e.g. AWS Azure GCP)
- Typically a minimum of five years of handson experience with Data Security vendors product capabilities and solutions focus on Data Encryption and not limited to Data Loss Prevention Data Rights Management Data Classification and Data Privacy
- Experience and background in security metrics creation and reporting specifically in the data space
#Hybrid
#LIJB1
In certain jurisdictions CNA is legally required to include a reasonable estimate of the compensation for this role. In District of Columbia California Colorado Connecticut Illinois Maryland Massachusetts New York and Washington the national base pay range for this job level is $97000 to $189000 annually.Salary determinations are based on various factors including but not limited to relevant work experience skills certifications and location. CNA offers a comprehensive and competitive benefits package to help our employees and their family members achieve their physical financial emotional and social wellbeing goals. For a detailed look at CNAs benefits please visitcnabenefits.
CNA is committed to providing reasonable accommodations to qualified individuals with disabilities in the recruitment process. To request an accommodation please contact.
Required Experience:
Director
Employment Type
Full-Time
