Position Information
Hiring Manager:
Senior Director
Department:
Technology Solutions
Title:
Vice President
Function:
Senior Data Loss Prevention Analyst
Department Overview
The Technology Solutions (TS) Department is responsible for designing and delivering state of the art technology solutions that are designed to create efficiency, mitigate risk and grow revenue for the Firm. Technology Solutions is also responsible for defining, managing and executing a robust Cyber Security program following the NIST Cyber Security Framework. Technology Solutions focuses on technical excellence through innovative application designs, robust data integration and analytics, high availability infrastructure and gold level service for our key stakeholders with information security embedded throughout. Critical functions within Technology Solutions include Project Management, Vendor Management, Business Analysis, Enterprise Data Governance and Stewardship, Application Development and 3rd Party Integration, Strategic and Secure Infrastructure and Operations. The Technology Solutions Department collaborates closely with Firm leadership and business unit heads to develop plans in line with business objectives.
Position Responsibilities
The Golub Capital Technology Solutions Department is looking for a skilled Information Security / Data Loss Prevention Analyst for the Enterprise Data Team dedicated to advancing our Data Protection and Privacy initiatives. The candidate will also support development and implementation of data privacy controls by overseeing the Privacy Office. This role is a high-visibility role to support the Firm’s ongoing efforts to advance data protection across both regulated personal data and key business assets. The ideal candidate will have a deep understanding of data protection tooling and capabilities and frameworks such as NIST. In this critical role, you will play a pivotal role in designing, implementing and managing our data protection program with specific focus on data loss prevention (DLP). You will be responsible for ensuring the confidentiality, integrity and availability of the Firm’s sensitive data while minimizing the risk of data breaches and unauthorized disclosure.
Responsibilities include but are not limited to:
-
Design, implement and manage our DLP strategy, tools and platforms to protect personal and internal business data across all methods of transmission, use and storage (on-premises, cloud and endpoints)
-
Monitor Adoption of DLP solutions and provide performance metrics to stakeholders
-
Provide Tier 2 support on data protection solutions
-
Conduct ongoing monitoring and analysis of DLP alerts to investigate potential security incidents and prevent data exfiltration attempts
-
Collaborate with security analysts and incident responders to investigate and remediate DLP violations
-
Partner with Legal and other stakeholders to understand data classification schemes and adjust DLP policies accordingly
-
Stay current on the latest DLP technologies, threats and regulations
-
Partner with business stakeholders and internal Data Governance groups to maintain and advance data handling policies / guidelines
-
Provide data protection awareness training on DLP best practices for employees
-
Suggest recommendations for new policies and standards related to data loss prevention
-
Report on data protection and handling policies with a focus on data exfiltration
-
Partner with Cybersecurity on DLP-related information security initiatives
-
Manage / Oversee an outsourced Data Privacy Office: (1) Ensuring that the following are done accurately and timely: Privacy Impact Assessments (PIAs), Transfer Impact Assessments (TIAs), Data Flow Maps and Record of Processing Activities (ROPAs), (2) Ensuring that the Data Catalog and Data Inventory are kept up to date, (3) Ensuring requests into the Privacy Office are fulfilled in a timely matter and (4) Escalate risks and / or issues regarding Privacy to the Data Governance Executive Committee or to Legal
-
Contribute to data protection and privacy risk measurement, perception, mitigation and prevention with data stories.
-
Build strong relationships with key business stakeholders, sponsors, technology colleagues and technology vendors
-
Confidently facilitate meetings with all levels of the organization including senior business stakeholders and senior management
Candidate Requirements
Qualifications & Experience:
-
Bachelor’s Degree in Computer Science, Business, Information Security or related field
-
7+ years of experience overall working in data management, protection or governance, preferably in Financial Services
-
A strong interest in data protection and governance
-
Experience in managing enterprise data assets in complex organizations
-
High level of proficiency with Microsoft Office applications (Word, Excel, PowerPoint and MS Project)
-
Prior use or knowledge of Microsoft Purview Information Protection (MPIP, DLP, Defender for Cloud, Insider Risk Management)
-
Familiarity with SQL
-
Experience managing and executing small to large sized projects and general understanding of Project Management principles
-
Detail-oriented with excellent analytical and problem-solving skills with complex situations to derive workable actions
-
Self-motivated, team oriented, flexible and able to multi-task
-
Proactive self-starter with a positive can-do and ‘no job too small or big’ attitude
-
Exceptional interpersonal, verbal, written and presentation skills
-
Results oriented with a high level of personal accountability
-
Motivated by data complexity rather than magnitude
-
Flexibility to adjust to multiple demands, shifting priorities, ambiguity and rapid change
-
Abide by our work-in-office policies then in effect
Critical Competencies for Success
Our Gold Standards Model defines key behaviors and competencies across 4 dimensions: Leadership, Achieving Results, Personal Effectiveness and Thinking Critically. These behaviors and competencies drive our ability to win together.
-
Leadership: Role models in this area consistently focus on the right goals and priorities and continually develop themselves and others. Always team players, they influence and engage with others to contribute to a supportive and inclusive culture where all feel welcome.
-
Achieving Results: Role models in this area are high achievers who develop careful plans and deliver consistently and effectively. They hold themselves and others accountable for delivering high quality results, and they remove barriers to ensure others can contribute and grow.
-
Thinking Critically: Role models in this area understand our business, rely on analytical reasoning and seek diverse perspectives to solve problems. They are forward thinking, anticipating issues and addressing them in advance.
-
Personal Effectiveness: Role models in this area build strong relationships, treat others with respect and communicate effectively. They are driven to exceed expectations and are adaptable to changing circumstances.
The department-specific competencies define the knowledge, skills and abilities that are needed to successfully perform the functional or technical work of this role.
-
Technical Support: Triages, troubleshoots and resolves technical support issues. Escalates issues as needed.
-
Software Development Principals: Utilizes software development, secure programming principles and a knowledge of programming languages to develop, configure and / or integrate new software and applications.
-
Business Needs Assessment: Identifies business needs across departments within the Firm to understand the challenges, goals and problems that the business needs to solve and identifies appropriate technical solutions.
-
Data Management and Information Security: Manipulates, restructures and / or queries data for various purposes, including reconciling issues in the database, designing database structures and / or generating reports. Adheres to governance principles and maintains data integrity and security.
-
Risk Management: Identifies, forecasts and articulates ways to pursue and manage informed risks in ambiguous, complex or uncertain situations based on sound value propositions and an analysis of potential rewards and costs.
-
Testing: Evaluates the functionality of an application, system or solution to ensure that requirements have been met and defects have been identified. Applies an understanding of end user requirements and usage in the end-to-end system to produce a quality product.
-
Industry Knowledge: Demonstrates an understanding of the Firm's position in the industry, including its complex structure and competitive advantage in the marketplace. Monitors industry trends and changes and recognizes their relevancy and implications.
-
Technical Communication and Documentation: Documents and communicates technical processes and procedures in area of specialty to stakeholders. Adapts the level of detail and specificity based on the needs of the intended audience.
-
Vendor Management: Manages and coordinates with external vendors. Researches and identifies new vendors as needed and monitors performance.
-
Relationship Management: Builds and maintains effective partnerships with internal clients and end users by advising on their needs and options, advocating for their business within the Technology Solutions department and managing expectations appropriately.
-
Project / Program Management: Manages Technology Solutions project elements considering conflicting priorities, interdependencies, business objectives, communications and available resources.
-
Innovative Mindset: Leverages an agile and creative mindset to drive innovative value creation, continuous process improvement and proactive learning through new technology, processes and people.
Compensation and Benefits
Compensation will be commensurate with experience. Golub Capital offers a full range of benefits which includes medical, dental, vision and 401(k).
Golub Capital is an Equal Opportunity Employer.