Illinois Staffing
Senior Engineer (Sr. Data Security Analyst)
Illinois Staffing, Chicago, Illinois, United States, 60290
Senior Engineer (Sr. Data Security Analyst)
College Board - Technology This is a fully remote role. Candidates who live near CB offices have the option of being fully remote or hybrid (Tuesday and Wednesday in office). Type: This is a full-time position About the Team
College Board's Enterprise Security Engineering (ESE) team currently consists of 6 full-time staff and additional contractors. ESE is responsible for implementing and managing cutting-edge security solutions and tools. We protect the confidentiality, integrity and availability of data and endpoints across physical and cloud environments. We protect workloads and data in AWS and Azure, corporate networks, user endpoints around the country and data in SaaS and PaaS environments. We enable our developers and colleagues to deliver new, secure digital offerings that include the Digital SAT and AP exams. The work we perform supports the College Board's mission to connect students to college success and opportunity. College Board is committed to creating an inclusive environment where all team members feel valued, respected, and supported in their work. We welcome individuals from diverse backgrounds and experiences to join our team and contribute to our ongoing success. About the Opportunity
You are passionate about protecting sensitive information and ensuring data is used responsibly and securely. As a Senior Engineer (Sr. Data Security Analyst), you'll play a critical role in identifying, assessing, and mitigating data-related risks across the organization. This role exists to safeguard information assets, support privacy and compliance goals, and strengthen resilience against internal and external threats. You'll collaborate closely with cybersecurity, data governance, privacy, engineering, and operations teams to build and enforce security controls that align with regulatory frameworks and business and security priorities. With a strong background in data science, you bring a unique ability to analyze complex datasets, develop predictive models for risk detection, and uncover insights that enhance our security posture. You'll apply advanced analytical techniques and automation to monitor data flows, identify anomalous behavior, and support data classification and policy enforcement efforts at scale. Your expertise will help drive data-informed security decisions, improve threat detection, and ensure data protection strategies are proactive, efficient, and evidence-based. Data Security Governance and Control Implementation (60%)
Define, implement, and maintain data classification, handling, and access control policies and standards across cloud and on-prem environments, leveraging data analytics to ensure policies address current threats. Configure and tune DLP tools, DSPM, CASB, and cloud-native security controls to detect and prevent exfiltration of sensitive data or models, using statistical and machine learning techniques to optimize detection thresholds and reduce false positives. Map and inventory sensitive data using security tools and support automated tagging to better inform security controls and data lifecycle management. Provide subject matter expertise on encryption, tokenization, and access management for structured, semi-structured, and unstructured data. Participate in risk assessments, control testing, and audits as needed with data owners across the organization, applying data-driven analysis to quantify risks and support evidence-based remediation plans. Recommend enhancements to data protection tooling and processes based on emerging threats and lessons learned, incorporating trends from security analytics and predictive risk modeling. Data Risk Monitoring and Alert Response (20%)
Monitor data security alerts and anomalies supported by College Board's security tools. Triage data-related security events, interfacing with data custodians and escalating to the Cyber Defense Team as needed, leveraging behavioral analytics to improve prioritization. Assist Cyber Defense in DLP investigations, utilizing forensic and data mining techniques to support root cause analysis. Maintain awareness of threats and behavioral risks tied to data access, incorporating insights from user and entity behavior analytics (UEBA). Utilize internal AI agents to enable more accurate reviews, helping to automate the identification of high-risk data interactions and enhance the speed of investigation. Collaboration, Reporting, and Continuous Improvement (20%)
Work with Legal, Privacy, and Data Governance teams to align data protection practices with policies and laws
College Board - Technology This is a fully remote role. Candidates who live near CB offices have the option of being fully remote or hybrid (Tuesday and Wednesday in office). Type: This is a full-time position About the Team
College Board's Enterprise Security Engineering (ESE) team currently consists of 6 full-time staff and additional contractors. ESE is responsible for implementing and managing cutting-edge security solutions and tools. We protect the confidentiality, integrity and availability of data and endpoints across physical and cloud environments. We protect workloads and data in AWS and Azure, corporate networks, user endpoints around the country and data in SaaS and PaaS environments. We enable our developers and colleagues to deliver new, secure digital offerings that include the Digital SAT and AP exams. The work we perform supports the College Board's mission to connect students to college success and opportunity. College Board is committed to creating an inclusive environment where all team members feel valued, respected, and supported in their work. We welcome individuals from diverse backgrounds and experiences to join our team and contribute to our ongoing success. About the Opportunity
You are passionate about protecting sensitive information and ensuring data is used responsibly and securely. As a Senior Engineer (Sr. Data Security Analyst), you'll play a critical role in identifying, assessing, and mitigating data-related risks across the organization. This role exists to safeguard information assets, support privacy and compliance goals, and strengthen resilience against internal and external threats. You'll collaborate closely with cybersecurity, data governance, privacy, engineering, and operations teams to build and enforce security controls that align with regulatory frameworks and business and security priorities. With a strong background in data science, you bring a unique ability to analyze complex datasets, develop predictive models for risk detection, and uncover insights that enhance our security posture. You'll apply advanced analytical techniques and automation to monitor data flows, identify anomalous behavior, and support data classification and policy enforcement efforts at scale. Your expertise will help drive data-informed security decisions, improve threat detection, and ensure data protection strategies are proactive, efficient, and evidence-based. Data Security Governance and Control Implementation (60%)
Define, implement, and maintain data classification, handling, and access control policies and standards across cloud and on-prem environments, leveraging data analytics to ensure policies address current threats. Configure and tune DLP tools, DSPM, CASB, and cloud-native security controls to detect and prevent exfiltration of sensitive data or models, using statistical and machine learning techniques to optimize detection thresholds and reduce false positives. Map and inventory sensitive data using security tools and support automated tagging to better inform security controls and data lifecycle management. Provide subject matter expertise on encryption, tokenization, and access management for structured, semi-structured, and unstructured data. Participate in risk assessments, control testing, and audits as needed with data owners across the organization, applying data-driven analysis to quantify risks and support evidence-based remediation plans. Recommend enhancements to data protection tooling and processes based on emerging threats and lessons learned, incorporating trends from security analytics and predictive risk modeling. Data Risk Monitoring and Alert Response (20%)
Monitor data security alerts and anomalies supported by College Board's security tools. Triage data-related security events, interfacing with data custodians and escalating to the Cyber Defense Team as needed, leveraging behavioral analytics to improve prioritization. Assist Cyber Defense in DLP investigations, utilizing forensic and data mining techniques to support root cause analysis. Maintain awareness of threats and behavioral risks tied to data access, incorporating insights from user and entity behavior analytics (UEBA). Utilize internal AI agents to enable more accurate reviews, helping to automate the identification of high-risk data interactions and enhance the speed of investigation. Collaboration, Reporting, and Continuous Improvement (20%)
Work with Legal, Privacy, and Data Governance teams to align data protection practices with policies and laws