Software Guidance and Assistance, Inc.
Remote DLP Engineer
Software Guidance and Assistance, Inc., Conshohocken, Pennsylvania, us, 19429
Software Guidance & Assistance, Inc., (SGA), is searching for anSenior DLP Engineer for a contract position with a Pharmaceutical firm.
You will be a pivotal member of our global cybersecurity operations and incident response team. Your role will involve providing strategic oversight and leadership in the detection, alerting, and investigation of DLP incidents. You will leverage your extensive experience to protect sensitive healthcare data and ensure compliance with healthcare regulations.Responsibilities
:Lead the review and management of DLP alerts.Oversee and guide DLP event investigations and provide escalation management.Identify DLP ruleset tuning opportunities and implement recommendations.Develop and refine technology infrastructure and operational processes for effective incident response.Create and maintain operational runbooks and response procedures.Develop and implement DLP strategies and policies in alignment with overall cybersecurity objectives and healthcare regulations.Conduct root cause analysis, identifying indicators of attack or compromise, and attack vectors.Deliver comprehensive verbal and written reports to senior management, including insights and recommendations for improving data protection.Ensure compliance with healthcare regulations and industry standards related to data protection and cybersecurity, such as HIPAA, GDPR, and ISO 27001.Stay updated with the latest trends and technologies in cybersecurity and DLP to continually enhance processes and defenses.Collaborate with other cybersecurity teams to integrate DLP strategies with broader security initiatives and healthcare-specific requirements.Mentor and develop junior cybersecurity engineers, fostering a culture of continuous learning and improvement.Participate in on-call rotation (including weekends) to ensure continuous operations.Lead internal incident response exercises and drills.EXPERIENCE, SKILLS, AND EDUCATIONAL REQUIREMENTS:Must have:
5+ years' experience in areas of DLP, data classification, and/or data protection, preferably in a healthcare environment.Experience with Unix/Linux/Windows Operating Systems.Excellent written and verbal communication skills, with experience presenting technical information to both technical and non-technical audiences, including senior management.Bachelor's or Master's Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems, or a related field, or equivalent work experience.Strong analytical and problem-solving skills with the ability to think critically and make decisions under pressure.Proven ability to lead and work both independently and as part of a team in a fast-paced environment.Deep familiarity with regulatory requirements and industry standards related to data protection and cybersecurity (e.g., GDPR, CCPA, HIPAA, ISO 27001).Nice to have:
Working knowledge of Shell/Bash/Python.Firsthand experience with SIEM, IDS/IPS, EDR and other security technologies.Relevant certifications (e.g., CISSP, CISM, CEH, GIAC) are a plus.SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at https://sgainc.com/ .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company EEO page to request an accommodation or assistance regarding our policy.
You will be a pivotal member of our global cybersecurity operations and incident response team. Your role will involve providing strategic oversight and leadership in the detection, alerting, and investigation of DLP incidents. You will leverage your extensive experience to protect sensitive healthcare data and ensure compliance with healthcare regulations.Responsibilities
:Lead the review and management of DLP alerts.Oversee and guide DLP event investigations and provide escalation management.Identify DLP ruleset tuning opportunities and implement recommendations.Develop and refine technology infrastructure and operational processes for effective incident response.Create and maintain operational runbooks and response procedures.Develop and implement DLP strategies and policies in alignment with overall cybersecurity objectives and healthcare regulations.Conduct root cause analysis, identifying indicators of attack or compromise, and attack vectors.Deliver comprehensive verbal and written reports to senior management, including insights and recommendations for improving data protection.Ensure compliance with healthcare regulations and industry standards related to data protection and cybersecurity, such as HIPAA, GDPR, and ISO 27001.Stay updated with the latest trends and technologies in cybersecurity and DLP to continually enhance processes and defenses.Collaborate with other cybersecurity teams to integrate DLP strategies with broader security initiatives and healthcare-specific requirements.Mentor and develop junior cybersecurity engineers, fostering a culture of continuous learning and improvement.Participate in on-call rotation (including weekends) to ensure continuous operations.Lead internal incident response exercises and drills.EXPERIENCE, SKILLS, AND EDUCATIONAL REQUIREMENTS:Must have:
5+ years' experience in areas of DLP, data classification, and/or data protection, preferably in a healthcare environment.Experience with Unix/Linux/Windows Operating Systems.Excellent written and verbal communication skills, with experience presenting technical information to both technical and non-technical audiences, including senior management.Bachelor's or Master's Degree in Cybersecurity, Risk Analysis, Computer Science, Information Systems, or a related field, or equivalent work experience.Strong analytical and problem-solving skills with the ability to think critically and make decisions under pressure.Proven ability to lead and work both independently and as part of a team in a fast-paced environment.Deep familiarity with regulatory requirements and industry standards related to data protection and cybersecurity (e.g., GDPR, CCPA, HIPAA, ISO 27001).Nice to have:
Working knowledge of Shell/Bash/Python.Firsthand experience with SIEM, IDS/IPS, EDR and other security technologies.Relevant certifications (e.g., CISSP, CISM, CEH, GIAC) are a plus.SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at https://sgainc.com/ .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company EEO page to request an accommodation or assistance regarding our policy.