Cox Automotive
Lead Cybersecurity Engineer for End User Data Protection
Cox Automotive, Sandy Springs, Georgia, United States
Cox Automotive
is on the lookout for a seasoned cybersecurity engineer to spearhead our End User Data Protection initiatives. In this pivotal role, you will be responsible for crafting, implementing, and overseeing strategies that safeguard sensitive data utilized by end users throughout the organization. The ideal candidate will bring extensive expertise in identity and access management (IAM), data loss prevention (DLP), secure authentication, and adherence to regulatory compliance. This position is essential in ensuring that our data protection measures complement business needs while offering a seamless user experience. Key Success Factors Include: Expertise in architecting and deploying scalable data protection solutions across a variety of platforms and user environments. In-depth understanding of IAM technologies, authentication protocols, and secure access controls. Demonstrated experience integrating data protection with enterprise identity platforms such as Okta, Azure AD, and Ping Identity. Comprehensive knowledge of regulatory frameworks (e.g., GDPR, GLBA, HIPAA) and their implications on data protection strategies. Proven ability to collaborate effectively across technical and business teams to enhance the adoption of secure practices. Hands-on experience in implementing adaptive authentication, conditional access, and passwordless technologies. Key Responsibilities Direct the development and implementation of data protection strategies for end-users across enterprise systems. Design and implement secure authentication and authorization mechanisms utilizing protocols like OAuth 2.0, OpenID Connect, SAML, and Kerberos. Engage in the deployment and management of DLP, encryption, and secure collaboration tools. Work closely with IAM, DLP, and application teams to embed data protection into identity workflows. Establish and enforce policies for secure data access, handling, and sharing. Support audit, compliance, and risk management efforts in relation to identity and data security. Promote the use of privacy-enhancing technologies and passwordless authentication solutions. Stay informed about emerging threats, technologies, and best practices in data protection and IAM. Minimum Requirements: Bachelor's degree in a relevant field and 6 years of experience in a similar area. Alternatively, a master's degree with 4 years, a Ph.D. with 1 year, or 18 years of relevant experience can be considered. Hands-on experience in implementing and managing enterprise-grade DLP and encryption solutions, alongside IAM platforms and authentication protocols. Capability to communicate cybersecurity policies clearly to both technical and non-technical stakeholders. Outstanding customer service, writing, and executive presentation abilities. Proven ability to create a productive collaboration with key stakeholders and work with other cybersecurity teams to implement best practices. Consultative approach to navigate complex issues with employees and senior leadership. Experience in risk evaluation and making business-impact recommendations. Required Technical Skills In-depth knowledge of IAM concepts: authentication, authorization, SSO, MFA, RBAC, ABAC. Proficiency in authentication protocols: SAML 2.0, OAuth 2.0, OpenID Connect, Kerberos. Experience with IAM platforms: Okta, Azure AD, Ping Identity, SailPoint. Implementation and management experience with MFA and passwordless solutions (e.g., YubiKey, Windows Hello). Strong familiarity with DLP, encryption, and secure file sharing technologies. Understanding of identity federation and conditional access policies. Knowledge of cybersecurity frameworks: ISO 27000, NIST, FFIEC. Preferred Technical Skills Experience with SCIM and user provisioning connectors. Deep knowledge of federated authentication and cross-domain identity management. Experience in deploying identity controls in Entra ID and across cloud platforms. Familiarity with zero trust architecture and cloud security frameworks (e.g., AWS Well-Architected Framework). Preferred Qualifications Experience in the automotive industry. Background with big four consulting firms or Fortune 500 companies. Relevant certifications (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA). Salary Range: USD 119,600.00 - 199,400.00 per year Compensation: The compensation package includes a base salary between $119,600.00 and $199,400.00, depending on the candidate's expertise and location. Additional compensation may include an incentive program. Benefits: We offer eligible employees flexible vacation policies, allowing you to take reasonable time off based on your responsibilities and the company's needs. Enjoy seven paid holidays, up to 160 hours of paid wellness leave annually for yourself or family members, as well as additional paid time off for bereavement, voting, jury duty, volunteering, military service, and parental leave.
is on the lookout for a seasoned cybersecurity engineer to spearhead our End User Data Protection initiatives. In this pivotal role, you will be responsible for crafting, implementing, and overseeing strategies that safeguard sensitive data utilized by end users throughout the organization. The ideal candidate will bring extensive expertise in identity and access management (IAM), data loss prevention (DLP), secure authentication, and adherence to regulatory compliance. This position is essential in ensuring that our data protection measures complement business needs while offering a seamless user experience. Key Success Factors Include: Expertise in architecting and deploying scalable data protection solutions across a variety of platforms and user environments. In-depth understanding of IAM technologies, authentication protocols, and secure access controls. Demonstrated experience integrating data protection with enterprise identity platforms such as Okta, Azure AD, and Ping Identity. Comprehensive knowledge of regulatory frameworks (e.g., GDPR, GLBA, HIPAA) and their implications on data protection strategies. Proven ability to collaborate effectively across technical and business teams to enhance the adoption of secure practices. Hands-on experience in implementing adaptive authentication, conditional access, and passwordless technologies. Key Responsibilities Direct the development and implementation of data protection strategies for end-users across enterprise systems. Design and implement secure authentication and authorization mechanisms utilizing protocols like OAuth 2.0, OpenID Connect, SAML, and Kerberos. Engage in the deployment and management of DLP, encryption, and secure collaboration tools. Work closely with IAM, DLP, and application teams to embed data protection into identity workflows. Establish and enforce policies for secure data access, handling, and sharing. Support audit, compliance, and risk management efforts in relation to identity and data security. Promote the use of privacy-enhancing technologies and passwordless authentication solutions. Stay informed about emerging threats, technologies, and best practices in data protection and IAM. Minimum Requirements: Bachelor's degree in a relevant field and 6 years of experience in a similar area. Alternatively, a master's degree with 4 years, a Ph.D. with 1 year, or 18 years of relevant experience can be considered. Hands-on experience in implementing and managing enterprise-grade DLP and encryption solutions, alongside IAM platforms and authentication protocols. Capability to communicate cybersecurity policies clearly to both technical and non-technical stakeholders. Outstanding customer service, writing, and executive presentation abilities. Proven ability to create a productive collaboration with key stakeholders and work with other cybersecurity teams to implement best practices. Consultative approach to navigate complex issues with employees and senior leadership. Experience in risk evaluation and making business-impact recommendations. Required Technical Skills In-depth knowledge of IAM concepts: authentication, authorization, SSO, MFA, RBAC, ABAC. Proficiency in authentication protocols: SAML 2.0, OAuth 2.0, OpenID Connect, Kerberos. Experience with IAM platforms: Okta, Azure AD, Ping Identity, SailPoint. Implementation and management experience with MFA and passwordless solutions (e.g., YubiKey, Windows Hello). Strong familiarity with DLP, encryption, and secure file sharing technologies. Understanding of identity federation and conditional access policies. Knowledge of cybersecurity frameworks: ISO 27000, NIST, FFIEC. Preferred Technical Skills Experience with SCIM and user provisioning connectors. Deep knowledge of federated authentication and cross-domain identity management. Experience in deploying identity controls in Entra ID and across cloud platforms. Familiarity with zero trust architecture and cloud security frameworks (e.g., AWS Well-Architected Framework). Preferred Qualifications Experience in the automotive industry. Background with big four consulting firms or Fortune 500 companies. Relevant certifications (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA). Salary Range: USD 119,600.00 - 199,400.00 per year Compensation: The compensation package includes a base salary between $119,600.00 and $199,400.00, depending on the candidate's expertise and location. Additional compensation may include an incentive program. Benefits: We offer eligible employees flexible vacation policies, allowing you to take reasonable time off based on your responsibilities and the company's needs. Enjoy seven paid holidays, up to 160 hours of paid wellness leave annually for yourself or family members, as well as additional paid time off for bereavement, voting, jury duty, volunteering, military service, and parental leave.