Senior Security Specialist - Netskope

About the role

The Senior Security Engineer is responsible for leading enterprise security initiatives that support Zero Trust Network Architecture and risk mitigation efforts. This role focuses on enhancing and supporting the capabilities of technologies such as Netskope, Microsoft 365, and Data Loss Prevention. The Senior Security Engineer provides critical expertise in optimizing these technologies and supports a global function through proactive engagement with multiple teams.

Responsibilities

A key role of the Senior Security Engineer is to assist improving the organizations security posture, identifying areas of risk, protecting confidentiality, and assuring the integrity and security of the organization's systems and information while ensuring alignment with business goals, vision, and strategy.

Enterprise Security Projects:

• Participate in application and infrastructure projects to provide security-planning advice and requirements, when appropriate.
• Implement security solutions and controls, including process and technology, to minimize risks.

Technology & Infrastructure:

• Enhance Microsoft 365 (M365) security, focusing on Azure AD, Conditional Access, Data Loss Prevention (DLP), and Purview Information Protection.
• Lead security efforts to enhance Microsoft Purview Information Protection capabilities including data labelling, data protection policies and data loss prevention.
• Collaborate with stakeholders to ensure secure network architecture, systems configurations, and protection mechanisms.
• Stay updated on emerging security threats, vulnerabilities, and technology trends.
• Provide security support to the rest of the enterprise security team when needed.

Cybersecurity Technical

• Maintain and optimize security solutions such as Netskope, M365 Information Protection, and Data Security platforms.
• Provide technical expertise in the Netskope platform, including configuration management, troubleshooting, monitoring and reporting for key services such as Cloud Access Security Broker, Secure Web Gateway services, Network Private Access, Data Loss Prevention and Threat Protection.
• Conduct periodic assessments and optimizations of the Netskope platform to ensure security effectiveness, scalability and operational efficiency.
• Develop and maintain advanced Netskope security policies and provide training on best practices.
• Maintain up to date knowledge on the platform, including product updates, roadmap features and emerging threats to proactively support the solution in meeting business requirements, compliance objective and data protection requirements.
• Collaborate with security vendors and integrators to ensure the organization is optimizing design, use and operationalization of products and services to maximize security benefits.
• Develop capabilities, services, and platforms that are leveraged to reduce the overall risk to organizational environments including cloud and on-premises.

Collaboration and Communication:

• Collaborate with Global Technology Services, Digital Workspace Experience, Global Privacy and other departments to ensure the implementation of security measures.
• Communicate security risks and incidents to senior management and stakeholders.
• Represent the organization in security forums and with external partners.

Qualifications and Experience

Required Skills

• A degree in a technology or cybersecurity discipline, or other equivalent combination of education and experience that provides the required knowledge and skills.
• Direct, hands-on experience or strong working knowledge of managing security infrastructure.
• Excellent analytical, problem-solving, and effective communication skills.
• Proficiency with security tools and technologies including Netskope, Microsoft Information Protection, and Data Loss Prevention.

Desired Skills

• Security Certifications such as SSCP, CCSP, CCSK, CISSP or equivalent.
• Extensive experience supporting enterprise information security in a complex, decentralized IT organization, which focuses on protection of sensitive information and proprietary information.
• Working knowledge of architectural security models such as Zero Trust.
• Working knowledge of project management methodologies such as waterfall, and agile
• Familiarity with regulatory compliance requirements (e.g., GDPR, HIPAA).
• Working knowledge of cyber security risk management. Experience within the manufacturing and/or healthcare industries.