1) Very strong scripting and coding skills
2) Working knowledge of data security across various database platforms. Primary concentration over Hadoop, Hana and SQL environments, either on premise or on cloud
3) Experience in designing, building, testing and implementing security systems including identifying security design gaps in existing and proposed architectures and recommend changes or enhancements.
4) Responsible for adhering to established policies, following best practices, developing and possessing an in-depth understanding of exploits and vulnerabilities, resolving issues by taking the appropriate corrective action.
5) Knowledge on security controls designing Source and Data Transfers including CRON, ETLs, JDBC-ODBC scripts.
6) Working knowledge on platforms such as Kafka, Power BI agents for output representation and management.
7) Work with stakeholders on Networking including DNS, Proxy, ACL, Policy and troubleshooting
8) Provide assistance to the business to address technology based Audit findings and issues.
9) Ensuring business understand key security and IT Risk strategies, and how they affect the Corporate Office business lines
10) High Level working knowledge of PCI DSS and ERM Compliance and Standards
11) Experience with implementing and deploying security (encryption, anonymization, data integrity, policy control) features in large scale infrastructures
12) Experience working in and adopting data infrastructure to regulatory frameworks such as EU privacy directives like GDPR
13) Providing a Point of coordination for various security related activities within the Information Security team
14) Manages validation and testing of security architecture and design solutions, and produces detailed engineering specifications with recommended vendor technologies.
15) Refine processes for preventing, detecting, identifying, analyzing and responding to data security incidents
16) Great communication skills and the ability to break down and explain complex data security problems
17) Pragmatic and understand the trade-offs between the perfect solution and the working solution
18) Establish a process for data asset classification and ownership Incident Management and Response
19) Participate in the development of on-going Technology Risk reporting, monitoring key trends and/or breaches
20) Ensuring full participation in Audit programs assisting business in identifying technology based controls
1. Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective
2. Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement good architecture principles to lower technical debt
3. Assertive personality; should be able to hold her/his own in a project board or work group setting
4. Superlative written and verbal communication skills; should be able to explain technical observations in an easy to understand manner
5. Ability to work under pressure and meet tough/challenging deadlines
6. Influencer- must be able to convince various stakeholders (internal IT Teams, C-Level execs, Risk & Audit) of why a certain observation is a concern or not
7. Strong understanding of Risk Management Framework and security controls implementation from an implementer stand-point