Logo
Quest Technology Management

Staff Security Engineer – Data Discovery

Quest Technology Management, Sacramento, California, United States, 95828


Description

Bring your heart to CVS Health. Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced human-centric health care for a rapidly changing world. Anchored in our brand — with heart at its center — our purpose sends a personal message that how we deliver our services is just as important as what we deliver.

Our Heart At Work Behaviors support this purpose. We want everyone who works at CVS Health to feel empowered by the role they play in transforming our culture and accelerating our ability to innovate and deliver solutions to make health care more personal, convenient and affordable.

Position Summary

The Staff Security Engineer – Data Discovery is an important member of the Data Integrity Services team focused on working with cutting-edge technology to manage the risk of emerging threats. Your role will focus on leveraging advanced technologies and methodologies to discover, classify, and protect data across various platforms and environments. This position requires a deep understanding of data security principles, excellent technical skills, and the ability to lead a team in implementing effective data protection measures.

This Staff Security Engineer will collaborate with privacy, compliance, ransomware protection, remediation, retention, data vaulting and recovery functions to align data security efforts with organizational goals. The ideal candidate will have proven success driving strategy, implementing innovated tools and processes in support of data protection requirements.

Primary Job Duties & Responsibilities:

Develop and communicate vision and strategy for data discovery products aligned with overall business goals, industry trends and business practices.

Decision-maker and primary point of contact for the data discovery product roadmap. Define and prioritize features based on business priorities and customer needs.

Collaborate with stakeholders to gather and document detailed product requirements, and to drive product development from concept to launch. Evaluate and recommend data discovery and classification tools, technologies, and methodologies.

Implement and integrate selected technologies into existing security infrastructure to enhance data protection capabilities.

Utilize tools and manual techniques to scan, tag, and categorize data based on sensitivity and regulatory requirements.

Ensure comprehensive coverage of all data repositories and environments (cloud, on-premises, hybrid).

Develop and maintain data discovery dashboard, metrics roadmap, and scorecards.

Create and enforce policies, procedures, and controls to ensure compliance with relevant regulations and standards.

Provide technical guidance and mentorship to team members, ensuring high-quality deliverables and adherence to security best practices.

Partner with systems and security architecture, application, databases and storage teams to prioritize data security by design.

Manage the sequencing and timing of project delivery with technology leadership, product, and engineering teams.

Identify and communicate risk to that impede the timely recovery of critical systems.

Support data protection audit, compliance, regulatory, client assurance, and third-party assessment projects.

Required Qualifications

7+ years of technical data security experience building and managing sophisticated tools and processes in support of cybersecurity protection and strategy initiatives.

5+ years of hands-on experience engineering or administrating cloud solutions in support of data discovery, labeling, storing and recovery of data.

Passionate understanding and working knowledge of data protection fundamentals and risk-based approach to information security.

Continuous improvement mindset for fine-tuning processes and controls, and to increase efficiency across the team.

Demonstrated experience working with a wide range of internal and external stakeholders at all levels on strategic and operational information security programs.

Strong analytical abilities, verbal/written communication, and interpersonal skills.

Quickly adapts to changing events, reprioritizing efforts, and realigning resources to fulfil large scale / complex requests.

Preferred Qualifications

Strong knowledge of data protection techniques and best practices.

Experience with security solutions for data loss prevention, encryption, proxy, cloud data security, structured data security, and insider risk.

Industry certifications from PMI, ISC2, SANS, ISACA, IAPP or equivalent.

Knowledge of data security and privacy regulatory compliance, frameworks and standards such as PCI, HIPAA, NIST, FIPS 140-2, GDPR, CCPA.

Continuous learner well informed on technology trends, methodologies, and models.

Ability to manage a high degree of complexity and distill information that provides clear direction.

Strong attention to detail and a focus on mobilizing the organization to deliver the strategy.

Ability to motivate others with high expectations to facilitate impact and pace of change.

Agility to deal with a constantly changing business environments.

Comfortable operating within areas of ambiguity to iterate and make progress in a consistent manner.

Drive change across an organization while building a strong morale and culture.

Fosters collaborative decision-making processes that deliver results and exceed expectations.

Education

Bachelor degree from accredited university or equivalent work experience (HS diploma + 4 years relevant experience).

#J-18808-Ljbffr