Role Overview:
The Senior IT Security Engineer is a Microsoft Azure Data specialist who works in the Information Technology Group and reports to the IT Director of Identity and Data Protection.
The role is key to the evolution of the Data Governance program at Smith+Nephew (S+N). A formalized Data Governance Program is required to identify and protect key data assets. This program is a critical component of a broader Cyber Security Maturity Program, with the backing of Senior Leadership.
This role will work in collaboration with a Governance Risk and Compliance (GRC) team, who will provide the policy and compliance expertise.
The role will be required to lead the design and technical delivery of a program of Data Governance improvements, in the following three main areas:
1. - Identify, documentation and labelling of key data assets across the organization, through business process mapping, use of data-discover tools, and collaboration with other teams working on Privacy Law Compliance and Master Data Management
2. - Deploy effective process and technology controls to protect critical company data. This will primarily require the employment of DLP solutions for in prem and cloud environments, but will also include data labelling, E-mail rules and other technical data exfiltration prevention measures.
3. - Execute on a program of audits, to assess existing data protection controls for adequacy and identify gaps. Support Data, Technology and Process Owners to remediate control weaknesses
4. - Manage data governance non-compliances reported by the Security Operations team
The role requires a good understanding of Data Governance and associated technologies, Program Management, Audit and Information Security.
The Senior Specialist will be required to engaged with Business, Functional and Project team members, at various levels in the organization, in the execution of assessments and deployment of controls. As such a confident self-starter is would be best suited.
The Senior Specialist should be comfortable working with and directing third party consultants hired to support the program.
Responsibilities:
5% Program Management
35% Lead S+N Data Governance technologies deployments
10% Identification of key data assets across the organization
35% Assessing IT Systems and Data Repositories for appropriate Data Protection Measures
15% Gap remediation
Education:
Bachelor’s degree in a Computer Science or related field, or an equivalent combination of training and experience.
Must be fluent in English, reading, writing, speaking and listening.
Licenses/ Certifications:
Microsoft Azure certifications - Azure Data Fundamentals, Azure Data Engineer Associate etc. will be an advantage
One or more professional qualifications related to Information Security and Risk Management, will be an advantage e.g. CISA, CISSP, CCSP, CCSK or similar
Experience:
At least 6 years in Information Technology / Security with:
Prior experience running programs or projects will be an advantage
A understanding of current privacy law e.g. GDPR, HIPAA will be an advantage
Physical Demands:
The position requires the ability to:-
Work in an office or from home (as required) with a high degree of PC work and meeting attendance.
Travel as described below.
Travel Requirements: 10 to 15%
Stay connected and receive alerts for jobs like this by joining our talent community.
We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.
Check our Glassdoor page for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.
Explore our new website and learn more about our mission, our team, and the opportunities we offer.
Read Full Description