Position: Sr. Data Security Analyst
Location: Remote
Duration: 6-month
lnterview Process: 1 round – video interview
Competition: Yes
Must Haves:
• 5+ years of experience and background in Information security.
• 3+ years of data security technology experience including data classification, cloud DLP, CASB, and web content filtering.
• 3+ years technical hands-on experience with following Zero Trust Data Protection capabilities:
o Cloud Inline DLP policies – create and maintain DLP dictionaries, engines and policies
o CASB policies for in-line and out-of-bound data protection for SaaS and IaaS
o URL categories and Cloud app access control policies
o Creating dashboards and metrics
o Providing incident review and operational support
• 3+ years of experience working with Cloud Security Tooling such as Azure (Highly Preferred),GCP or AWS.
• 3+ year of experience working with SASE, Zero Trust and Conditional Access frameworks and architecture.
• 1+ years of experience with security controls alignment to key regulations like NIST, PCI, GDPR (FIPS 140-2, ISO, HITRUST, HIPAA,CPRA)
• Demonstrated experience working with a wide range of internal and external stakeholders at all levels on strategic and operational information security programs.
• Quickly adapts to changing events, reprioritizing efforts, and realign resources to fulfil large scale / complex requests.
• Strong communication skills, both written and verbal, with the ability to effectively convey technical concepts to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment, managing multiple priorities and meeting deadlines.
Plusses:
• Knowledge of SASE, Zero Trust and Conditional Access frameworks and architecture
• Previous experience with deploying Zscaler, Netskope or Skyhigh solutions in complex enterprise environments.
• Strong knowledge of data protection techniques and best practices.
• Understanding of public cloud concepts, preferably AWS, Azure & GCP
• Experience in a healthcare or critical infrastructure industry related environment.
• Strong understanding of network protocols, firewall technologies, and network security principles.
• Experience with security information and event management (SIEM) systems and log analysis tools.
• Excellent analytical and problem-solving skills, with the ability to identify and resolve complex technical issues.
• Relevant certifications (e.g., Zscaler Certified Engineer) are a plus.
Day to day:
Sr. Technical Analyst (this will be the internal CVS job title) – Cloud Data Protection will be a key member of Zero Trust Network Access program and support Data Protection Services capabilities in ensuring the confidentiality, integrity, and availability of our organization's data by implementing and managing Cloud Access and Data Loss Protection (DLP) capabilities in Zero Trust platform. Ideal candidate will have strong team player mentality, engineering skills and need minimal supervision.
Primary Job Duties & Responsibilities:
• Design, deploy, and configure Access Controls for URLs and Cloud Apps, tenant profiles, cloud DLP and CASB controls for SaaS and IaaS to protect sensitive data from unauthorized access, leakage, and exfiltration and enforce compliance requirements.
• Collaborate with cross-functional teams, including network administrators, security analysts, and system engineers, to integrate ZTNA data protection into the existing security infrastructure.
• Conduct regular assessments and audits of access and DLP policies and rules to ensure their effectiveness and alignment with CVS Health and industry best practices.
• Perform troubleshooting and issue resolution related to data protection, including investigating false positives and false negatives, and fine-tuning detection and prevention mechanisms.
• Stay up-to-date with the latest trends, vulnerabilities, and attack vectors, and recommend appropriate countermeasures.
• Provide technical expertise and guidance to other team members and stakeholders on Zero Trust functionality, implementation, and best practices.
• Respond to security incidents/findings where data handling is not in line with policy, partner with others to perform root cause analysis and corrective actions.
• Continuously drive a simplified, consistent user experience at points of service engagement.