Data Security Engineer

C

Cloud Peritus

Data Security Engineer

Stamford, CT
Full Time
Paid
  • Responsibilities

    Job Description

    What you’ll do

    • Design and implement comprehensive data security architectures, with particular focus on database platforms (primarily SQL Server)
    • Develop and maintain enterprise-wide encryption strategies for securing structured and unstructured data both in transit and at rest, both and both on-premise and in the cloud
    • Enhance logging, monitoring and SecOps capabilities of enterprise databases and other data stores
    • Configure and optimize Identity and Access Management (IAM) solutions across data platforms and repositories to align to least privilege principles
    • Implement Data Loss Prevention (DLP) strategies and controls
    • Implement and maintain Information Rights Management (IRM) and Digital Rights Management (DRM) solutions
    • Design and implement data tokenization strategies where appropriate
    • Secure data processing pipelines and ensure appropriate controls for data workflows
    • Create and maintain data security documentation, including policies, procedures, and standards
    • Collaborate with development teams to ensure security best practices in data handling
    • Conduct vulnerability assessments of the firm’s database architecture and associated data storage and processing systems
    • Assist in monitoring and managing security patching and upgrade processes for database platforms

    What’s required
    • Bachelor's degree in computer science, cybersecurity, or related technical field
    • 6+ years of experience in data/database security engineering and governance
    • Deep expertise in database security, particularly SQL Server
    • Comprehensive understanding of data warehouse/data lake architectures and tools, particularly Databricks (required)
    • Subject matter expertise in Object Storage (eg: S3, Azure Blob, etc) and related security
    • Understanding of Active Directory Delegation (constrained vs. unconstrained) and associated best practices
    • Experience with 3rd-party SQL Server security governance and monitoring products (eg: Idera, Solarwinds)
    • Extensive knowledge of encryption technologies for both structured and unstructured data
    • Broad knowledge of secure data/file sharing solutions and ETL workflows
    • Experience designing and implementing data tokenization solutions
    • Experience with data classification and DLP technologies
    • Scripting/automation capabilities (eg: SQL, PowerShell, Python)
    • Commitment to the highest ethical standards

  • Qualifications

    Qualifications

    Ivy league colleges education preferred or huge plus.

    Additional Information

    All your information will be kept confidential according to EEO guidelines.