Data protection is the foundation of information security. Knowing what data you have, where it is located and how it is protected and in compliance with laws/regulations is the minimum requirements of any security program. This role will evolve the current strategy and implement the next generation enterprise data protection strategy. Use your expertise to help us craft the next generation of our IT Security program. Help us re-think what it means to achieve cyber excellence delivering capabilities in a fast-changing, highly competitive market.
Your day could include and experience we would like to see :
Acts as a transformation security leader driving change across IT and business departments to implement strong data security practices, encryption and other data protection and privacy requirements.
Develop and implement enterprise data protection strategy.
Work with asset management program to link data to other areas of the asset taxonomy.
Develop approach to identify, protect and minimize data while balancing business needs and privacy requirements.
Partner and educate IT partners in data protection requirements and data protection techniques
Develop policies, standards and ongoing governance to ensure compliance and resiliency.
Lead team of technical resources to implement outstanding outcomes.
Identify data protection and minimization strategies, with focus on impact of emerging technology (Cloud, CI/CD)
Foster and drive organizational change that leads security towards a comprehensive data protection strategy and implementation plan
Actively partner with department leads, architects, and business liaisons to embed the appropriate data protection practices and requirements at the beginning of projects
Ability to develop compelling visual materials to communicate with various levels of leadership across IT and the business.
Assess data protection practices and implement protection through proper access controls and encryption tools and strategies.
Experience managing certificates and cypher keys used in secure communication and the tokenization of data.
Education, Certifications and nice to have:
Bachelor's degree (in Information Technology or a related discipline) or equivalent work experience
7+ years of Information Technology and Security experience*
Experience in Encryption, Access Management, Privacy and other data protection areas
Agile operational model experience
IS certifications preferred (CISSP, CISM, CISA or Equivalent)
Leadership experience (2-5 years)
CSAA Insurance Group offers many benefits, including:
Comprehensive health care plans, including medical, dental, vision, and tax-deferred spending accounts.
Employee assistance, healthy pregnancy and wellness programs.
Paid time off, plus nine paid holidays and 24 hours of volunteer time off.
401(k) plus company matching up to 6% and a cash balance pension program.
Paid training, tuition reimbursement, self-service training and career development opportunities.
Be part of a community that works:
At CSAA Insurance Group, we take pride in our values-based culture. Helping our employees have enriched lives and satisfying careers is how we work. Our employees appreciate the integrity and inclusion that is evident throughout our everyday interactions. We respect the diverse range of perspectives, backgrounds and cultures of our teams, and join together when it comes to helping our members, community or one another.
Headquartered in Walnut Creek, California, our community also works in Arizona, Colorado, Nevada, New Jersey and Oklahoma. Learn more about us at CSAA-Insurance.aaa.com/careers
Please submit your application to be considered. We communicate via email, so check your inbox to ensure you don't miss important updates from us.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.