About Us:
Hollister Incorporated is a leading organization in Healthcare Manufacturing and Services, committed to maintaining the highest standards of cybersecurity and compliance. We are looking for a dedicated Data Protection Analyst to join our dynamic team and help us safeguard our digital assets.
Summary:
The role of the Data Protection Analyst is to assist in the building and monitoring of Hollister’s data security and operations globally, developing appropriate security controls for business partners and service providers. The Data Protection Analyst will develop security procedures and metrics to secure the data within and manage the Hollister global networks, systems and applications.
Responsibilities:
- Develops and maintains the Cyber Security data protection and privacy technical architecture to safeguard data, personnel, products and solutions that meet business requirements. Recommends guiding principles and technical standards that foster technological development.
- Collaborates with IT and business units to understand the requirements for security of data (stability, availability, integrity, privacy, etc.).
- Maintains architecture diagrams for both current and future states.
- Builds security controls that transition from current to future states.
- Stays abreast of technology innovations relating to data protection to ensure decisions align with industry best practices.
- The Data Protection Analyst will manage our Microsoft Purview configurations and any other tools that contribute to data security. In addition, the analyst will assist in monitoring and assessing security to maintain governance, risk and compliance requirements through technical audits, risk assessments and issue management to maintain a compliant, audit-ready posture. This role may also support the Enterprise Architecture team and Project Management Office to deliver technical security advisory services.
- Configure data classification controls and standards for the environment.
- Define data loss prevention controls and standards to protect our most sensitive data.
- Collaborate with Insider Risk team to identify and remediate risks.
- Identifies security and compliance requirements that align with standards, policies, technical controls, and architecture principles. Reviews risk assessments completed as part of the project lifecycle.
- Partners with organizational teams to provide technology evaluations and recommendations relating to data protection.
- Partners with and supports the legal department.
- Supports security operations and implementation of security controls and solutions ensuring the stable and secure operations of IT and related systems and components.
- Performs vulnerability analysis, coordinates effective systems patching and remediation tracking based on defined or applicable risk to the enterprise.
- Identifies and implements appropriate security and privacy monitoring within IT to safeguard Hollister's cybersecurity program.
- Supports security incident response and mitigation processes assessing event priority, determining risks, and monitoring appropriate remediation activities.
- Executes the security incident response lifecycle to drive threat remediation and strategic countermeasures.
- Addresses cyber-attacks through proactive identification, containment of security incidents, mitigation of malicious threats and malicious software, and system recovery.
- Performs security impact assessments to determine the enterprise's specific security, AI and privacy related risks.
- Performs risk assessment to ensure appropriate security during the introduction of modern technologies. Review and approve the findings and recommendations of risk assessments.
- Conducts audits and monitors issues to provide assurance reporting of how Hollister is complying with policies, industry and regulatory standards, and requirements to ensure the internal control framework is compliant and audit ready.
- Conducts security due diligence of third parties (vendors, suppliers and partners) based on a risk model, including security contract language and logical, physical, and administrative controls.
- Other duties as required.
Essential Functions of the Role:
- Indicate any physical requirements needed for the role
Work Experience Requirements
- Minimum 5-8 years of progressive technical IT experience focusing on data security, with experience in data loss prevention, eDiscovery, security risk assessments, insider risk programs, and governance, risk and compliance support.
Education Requirements
- BS/BA Computer Science or equivalent related field of study required
- CompTIA Security+
- Certified Information Systems Security Professional (CISSP) or equivalent industry leading security certification is strongly preferred
Specialized Skills/Technical Knowledge:
- Must have Microsoft Purview experience
- Must be familiar with Microsoft Azure concepts
- Knowledge of Data Loss Prevention, Insider Risk, Identity Management, Access Control
- Familiar with Information Security Frameworks such as: SOC2, ISO27001, NIST CSF, HIPAA, GDPR
- Knowledge of Data Protection and Compliance is a requirement
- Auditing experience is highly desired
- Creating and maintaining data protection policies, procedures, and documentation.
Local Specifications (English And Local Language):
Location - Gurugram
Mode - Hybrid