Lead Data Protection and Governance Specialist in Secaucus, NJ at Quest Diagnostics

Date Posted: 4/27/2020

Job Snapshot

Job Description

Look for more than answers.

At Quest, we are on a continuous journey of discovery and development. It’s this attitude that has made us an industry leader and the #1 Diagnostic Lab in the US. For those joining us, we offer exciting and fast-moving career opportunities where you can affect change at a rate unheard of in many organizations of our size and scope. While we invest in and develop technology to drive our innovations, our ongoing success relies on our people.

As a Lead Data Protection and Governance Specialist you will work for the world leader in the industry, with a career where you will have the opportunity to collaborate and affect change while expanding your leadership skills and technical knowledge. You can make a real impact in a market that is growing and developing.

The Lead Data Protection and Governance Specialist will work from our world headquarters in Secaucus, NJ.

Lead Data Protection and Governance Specialist– the role:

As a key member of the IT Security organization, the Lead Data Protection and Governance Specialist

will act as a member of the Data Protection & Governance team and will be responsible for managing and remediating instances of data leakage and other cyber security incidents related to data loss prevention that occur on our Company's network and computing assets.

This professional will also participate in sensitive information protection activities and will be expected to manage data leakage incidents to the point of remediation and clearly communicate any remediation activities and status to colleagues and/or senior management. This position also requires active and ongoing collaboration with many other organizations and departments within our Company, acting in a consultative capacity promoting information security awareness and compliance with IT Security policies.

Job responsibilities:

  • Develop data protection strategies, architectures and implementation plans.

  • Develop, document and maintain security policies, processes, procedures, standards and best practices.

  • Ensure the protection of networks, systems and applications by the enforcement of DLP security policies and using systematic DLP event analysis.

  • Monitor DLP information security events/alerts using available DLP tools to respond, triage, and escalate as needed.

  • Analyze event/alert patterns to properly interpret and prioritize threats using available DLP tools and other data protection solutions.

  • Identify trends and drive requirements aimed at fine-tuning existing data loss prevention policies.

  • Provide technical advice and input for the support of integrated security systems and solutions.

  • Maintain up-to-date information protection industry awareness and trends and be able to understand how emerging threats may potentially impact the organization.

  • Create, modify and review various reports and dashboards from our various reporting tools

  • Maintain DLP Policies/Rules and associated events which support compliance to our Company's corporate policies

  • Make recommendations to strengthen the security posture of our computing environment as well as recommend process and technology improvements to ensure timely response to potential Data Leakage security incidents

  • Establish Data Protection & Governance technical and process related documentation and references.

  • Investigate incidents generated from our User & Entity Behavior Analytics and Data Loss Prevention     Tools using log management tools, packet captures reports, data visualization, and pattern analysis.

  • Improve and challenge existing processes and procedures in a very agile and fast-moving information security environment

  • Provide high quality, professional day-to-day execution of GRC (Archer) engagements and projects in line with Data Protection & Governance team.

  • Prepare status reports on deliverables for GRC initiatives

  • Work with other team within the Security organization as well as , Legal, Privacy, and other business units as appropriate based upon corporate policy to respond to Data Leakage incidents and take the appropriate response actions

To qualify, the ideal candidate will have the following skills and experience:

  • B.S. Degree in Computer Systems Engineering, Computer Science, Computer Information Systems or equivalent education and experience required. 

  • 4+ years’ experience with the implementation and support of an IT Security program including aspects of security management, policies, standards, and application security related products, projects, procedures, and processes.

  • Working knowledge of different IT security domains and related concepts including auditing. 

  • Ability to work under pressure of time constraints and to prioritize.

  • Strong analytical skills to analyze security requirements and relate them to appropriate security controls.

  • A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.

  • Excellent organizational and time management skills.

  • Excellent written and verbal communications, including presentation skills, are important to be successful in this role.

  • Highly productive and resourceful, carries “Can do” attitude in approaching challenges

  • Provides guidance to and assists in training less experienced IT Security Specialists. Provides technical and functional guidance.

  • Related experience with business analysis and technical implementation of GRC tools, preferably RSA Archer

  • Prior engineering or operations experience with endpoint, network, or CASB DLP solutions

  • Network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.

  • Familiar with security management frameworks, such as NIST, GDPR and CCPA.

  • Technical knowledge of mainstream operating systems for example, Microsoft Windows and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.

  • Specialized training in information security helpful.

  • CISSP and any other security certification preferred.

  • Stays up-to-date with IT Data Protection landscape and upcoming trends in security

  • Accountable for the timeliness and quality of their tasks and assignments. 

  • Experience operating and administrating Security Information and Event Management platforms and/or Intrusion Detection/Prevention platforms a plus.

Apply Today

 

Join us for competitive benefits and development opportunities in a progressive and supportive environment. Help us improve our service, and the experiences of our patients and colleagues. Work with us and together we can be better.

Your Quest career. Seek it out.

 

 

 

All requirements are subject to possible modifications to reasonably accommodate individuals with disabilities. Quest Diagnostics is an Equal Opportunity Employer: Women / Minorities / Veterans / Disabled / Sexual Orientation / Gender Identity / Citizenship.

If you’re interested in career opportunities, but not ready to apply, join our talent network to stay connected to us and receive updates on the latest job opportunities and company news.

Group of people