Lead Information Security Analyst - DLP

The Lead Information Security Analyst plays a crucial role in supporting the InfoSec mission of securing the patient experience at Children's National. This position is responsible for overseeing and managing the analysis of information security risks that could compromise the organization's systems. You will be cataloging risks, identifying and remediating vulnerabilities, managing access, securing data, and establishing policies and standards.

Additionally, the Lead Information Security Analyst provides expertise in implementing data loss prevention (DLP) solutions, with experience in network architecture to execute tool solutions. The role involves proven success in using DLP tools such as Microsoft Purview Information Protection and Data Loss Prevention (DLP). The position encompasses:

• Network DLP: Monitoring data flowing across the network, including emails and web traffic.
• Endpoint DLP: Monitoring data on individual devices like laptops and desktops.
• Cloud DLP: Protecting sensitive data stored in cloud services.

Minimum Education

• Bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required)

Minimum Work Experience

• 10+ years of experience in cybersecurity with a focus on vulnerability management, cybersecurity operations, analysis, forensics and/or investigations (Required)

Required Skills/Knowledge

• Experience leading in the application of key cybersecurity practices, controls, and frameworks
• Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
• Experience leading cybersecurity auditing, compliance, and policy
• Experience leading cybersecurity risk assessments, vulnerability management, penetration testing, and threat identification.
• Experience leading the management of access controls including identity, active directory, privileged account management, and authentication
• Experience leading cybersecurity incident response, risk remediation, business continuity, disaster recovery, and cyber operations.

Functional Accountabilities

• Oversees the Identification, documentation, and reporting of cybersecurity risks
• Leads the development of Information Security policies, standards, and procedures.
• Leads engagement with senior leaders of CNH business units to ensure security of assets, applications, and data
• Leads the application of procedures and systems associated with managing access to CNH systems, data, and other assets
• Leads the execution of responses associated with cybersecurity incidents, as required