In depth understanding of security tools specific to data protection (Purview, Siteminder, IDIM platform) - 3+ years
Understanding of DevOps pipelines
In-depth understanding of API management and security - 3+ years
Understanding of the privacy regulations (EU, AU, NA) understanding of Sarbanes Oxley Act, ISO 27001, GDPR
Data protection processes and technologies - 2+ years
Experience working within an IT Security organization - 5+ years
Experience in secure application development - 2+ years
Responsibilities
Identify Regulatory requirements within scope of this role (Privacy, international trade, etc.) and in coordination with the GRC team, ensure compliance within this specific security domain.
Ensure security requirements are fully integrated within the DevSecOps pipelines.
In conjunction with Corporate Security, Security Operations and Applications teams ensure appropriate vulnerability management requirements are being met.
Provide timely reporting on the overall vulnerability risk picture of the applications within the scope of this role.
Provide technical support to project teams to ensure continued compliance to defined security requirements.
Advise internal management or business partners on the implementation or operation of compliance programs.
Coordinate with the Security and Risk team to ensure adequate risk management within the application and data security domain.
Provide guidance and oversight to Client’s secure utilization of Data Security - at rest, in motion, in processing including interface / integration methods or technologies.