Job SummaryThe Senior Data Privacy and Protection Analyst utilizes business knowledge in combination with technical skills to monitor, detect, identify, analyze, evaluate, report and assist in the response of data privacy and protection related security events. The Data Privacy and Protection (DPP) team operates in partnership with the Cyber Security, Governance and Operations teams to drive a security-first IT organization.

This role will work closely with all areas of IT, business units, strategic partners and vendors to ensure proper privacy and protection controls are implemented in an effort to reduce risk to the global firm. This role requires expertise in problem solving and a solid understanding of common security controls and data privacy.

Primary ResponsibilitiesThe Senior Data Privacy and Protection Analyst is responsible for daily monitoring and evaluation of data events. The candidate should be passionate about information protection and data usage, including the willingness to learn, adapt and advance. This position will constantly monitor developments in data privacy and protection areas and data security technologies alongside global changes in data privacy laws as well as general information security best practices and new technologies.

As part of these processes:

Assistance with internal monitoring, alerting, incident management and other ‘business as usual’ privacy and protection tasks.

Operation of Data Security IT controls (for example: Palo Alto, Purview and Proofpoint)

Production of comprehensive documentation and reporting.

Maintain a sufficient level of knowledge of the prevalent technical and privacy risks to Barings to assist in the prioritization of response plans and mitigating controls.

The expectations of this position, as stated above, are not all inclusive, but do indicate the major responsibilities of the position. Other responsibilities may be assigned as necessary to support the business environment.

Skills

Technical, security vendor or cyber-risk certifications such as CISSP, CompTIA Security+, GSEC, GCIH, CCSP, Microsoft SC-200/400, CISSP, CTIA, OSCP.

Proven experience with security technologies such as SIEM platforms, Endpoint Detection and Response, DLP, WAF, CASB, SASE and Privilege Access Management.

Familiarity with secure architecture principles, zero trust and cloud security principles and settings.

Good understanding of Security frameworks NIST CSF, ISO 27001, CIS controls, MITRE ATTandCK.

Event Monitoring and Incident Response.

Understanding of encryption mechanisms (data at rest and transit)

(Basic) scripting and coding i.e. regex, specifically to be able to write\understand data parsing expressions.

General understanding of Risk Management Frameworks.

Represent Data Security at appropriate risk oversight committees and boards.

Contribute to the development, implementation, delivery and support of the IT Security strategy.

Ability to collect, describe and display technical information in a way to help decision making.

Strong troubleshooting and problem solving skills.

Promote a culture of secure by design

Ability to work independently.

Qualifications

Bachelor’s degree in Information Systems, Computer Science, Information Security, Cybersecurity, Information Assurance (IT related) or equivalent experience, preferred.

2+ years of technical and hands on experience in information security – though not necessarily in a corporate environment if such experience is demonstrable.

Strong problem solving skills and thinking outside the box.

Strong analytical skills required.

Excellent verbal and written communication skills and the ability to interact professionally with a diverse group including; executives, managers, IT personnel, and subject matter experts.

Ability to communicate clearly and effectively within various levels of the organization.

Certifications

With proven experience in a senior security or IT infrastructure operations role

Understanding of Data security objectives for large financial service businesses

Experience in a regulated industry is highly desirable; financial services preferred

IAPP certifications such as CIPM, CIPP/EU or CIPT certification or an academic equivalent of these certifications

Requisite SkillsAdditional SkillsBarings is an Equal Employment Opportunity employer; Minority/Female/Age/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply.

#J-18808-Ljbffr