Cybersecurity Lead Analyst

This is a Non-Employee Contingent Worker Role providing services for TIAAs family of companies and will be employed by TIAAs preferred 3rd Party Supplier. As a Non-Employee CW perform a variety of moderately complex business planning support and project-related an exceptional standard of quality and holds themselves accountable to achieving excellent results.

This role will sit onsite likely in a hybrid capacity at the location(s) listed in this posting.

• Ensures implementation of secure operating systems networks and databases for the organization.
• Performs complex risk assessments and executes tests of data processing system to ensure functioning of data processing activities and security measures.
• Drafts plans to safeguard computer files against accidental or unauthorized modification destruction or disclosure and to meet emergency data processing needs.
• Encrypts data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
• Facilitates risk audits and assessments and provides recommendations for application design to ensure operating effectiveness.
• Monitors analysis of system access logs ensuring only permitted individuals have access to company information.
• Reviews violations of computer security procedures and discusses procedures with violators to ensure violations are not repeated.
• Trains users and promotes security awareness to ensure system security and to improve server and network efficiency.

• University (Degree) Preferred

• 3 Years Required; 5 Years Preferred

• Physical Requirements: Sedentary Work

Leadership & Strategy

• Lead the cybersecurity team providing mentorship guidance and performance management.
• Develop and execute the organizations cybersecurity strategy aligned with business goals.
• Collaborate with IT leadership and stakeholders to assess risk and define security priorities.

Microsoft Security Operations

• Administer and optimize Microsoft Defender for Endpoint Identity Cloud Apps and Office 365.
• Manage and monitor Microsoft Sentinel for threat detection incident response and log analytics.
• Implement and maintain Microsoft Purview for data governance compliance and information protection.
• Oversee Entra ID (Azure AD) identity and access management including Conditional Access and Privileged Identity Management (PIM).
• Conduct regular reviews of security configurations and policies across Microsoft 365 and Azure environments.
• Conduct monthly Attack Simulations

Threat Management & Incident Response

• Lead threat hunting and incident response activities using Microsoft XDR and SIEM tools.
• Develop and maintain playbooks for automated response in Sentinel and Defender.
• Coordinate with internal teams and external partners during security incidents and investigations.

Governance Risk & Compliance

• Ensure compliance with industry standards (e.g. NIST GDPR LGPD DORA other local data privacy laws).
• Conduct risk assessments and vulnerability scans; manage remediation efforts.
• Maintain documentation for security policies procedures and audit readiness.

Training & Awareness

• Promote security awareness across the organization through training and communication.
• Stay current with emerging threats vulnerabilities and Microsoft security innovations.

Anticipated Posting End Date:

Actual base salary may vary based upon but not limited to relevant experience time in role base salary of internal peers prior performance business sector and geographic location.

Equal Opportunity

We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age race color national origin sex religion veteran status disability sexual orientation gender identity or any other legally protected status.

Our full EEO & Non-Discrimination statement is on our careers home page and you can read more about your rights and view government notices here.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone:

Email:

Drug and Smoking Policy

TIAA maintains a drug-free and smoke/free workplace.

Privacy Notices

For Applicants of TIAA Nuveen and Affiliates residing in US (other than California) click here.

For Applicants of TIAA Nuveen and Affiliates residing in California please click here.

ForApplicants of TIAA Global Capabilities click here.

For Applicants of Nuveen residing in Europe and APAC please click here.