Direct the definition and articulation of security principles and standards for the design and build of the cloud security architecture, ensuring security integration into the development of cloud solutions; Formulate a cloud security framework and governance model that enforces secure, efficient data transfer and operations of Firm and client data across cloud environments (IaaS, PaaS, and SaaS); Deliver expertise regarding data protection considerations for migrating systems to the cloud, identifying potential security risks, and determining necessary security controls; Collaborate closely with engineering teams, promoting the adoption/adherence to security best practices, consistent with the Firm's information security policy, standards, and guidelines; Establish and manage data protection strategies for secure data sharing, transfer, and storage across the organization, implementing data protection controls to satisfy data confidentiality, integrity, and availability objectives; Oversee the client consent/notification process and ensure compliance with client guidelines related to the use of data across various form systems, including cloud platforms, external data processors, and cross-border data transfers; Contribute to defining the strategic roadmap for data technology and cloud initiatives; Coordinate with legal and compliance teams to ensure continuous compliance with relevant industry standards and regulations concerning cloud security and data governance, such as GDPR, CCPA, and others applicable to our operations; and Collaborate with various stakeholders, including Security Engineering and Operations, IT engineering, application development, and business units, to establish and enforce cloud and data governance policies within Firm technology. In addition, the Senior Manager, Cybersecurity Cloud & Data Governance will be expected to have:
Strong knowledge of privacy and information security frameworks (e.g., NIST, ISO, etc.) and relevant regulatory requirements (e.g., GDPR, CCPA, etc.); Expertise on security trends and research to address potential security exposures; Strong written and verbal communication skills; and Knowledge of supplier resiliency requirements. Requirements Direct the definition and articulation of security principles and standards for the design and build of the cloud security architecture, ensuring security integration into the development of cloud solutions; Formulate a cloud security framework and governance model that enforces secure, efficient data transfer and operations of Firm and client data across cloud environments (IaaS, PaaS, and SaaS); Deliver expertise regarding data protection considerations for migrating systems to the cloud, identifying potential security risks, and determining necessary security controls; Collaborate closely with engineering teams, promoting the adoption/adherence to security best practices, consistent with the Firm's information security policy, standards, and guidelines; Establish and manage data protection strategies for secure data sharing, transfer, and storage across the organization, implementing data protection controls to satisfy data confidentiality, integrity, and availability objectives; Oversee the client consent/notification process and ensure compliance with client guidelines related to the use of data across various form systems, including cloud platforms, external data processors, and cross-border data transfers; Contribute to defining the strategic roadmap for data technology and cloud initiatives; Coordinate with legal and compliance teams to ensure continuous compliance with relevant industry standards and regulations concerning cloud security and data governance, such as GDPR, CCPA, and others applicable to our operations; and Collaborate with various stakeholders, including Security Engineering and Operations, IT engineering, application development, and business units, to establish and enforce cloud and data governance policies within Firm technology. In addition, the Senior Manager, Cybersecurity Cloud & Data Governance will be expected to have:
Strong knowledge of privacy and information security frameworks (e.g., NIST, ISO, etc.) and relevant regulatory requirements (e.g., GDPR, CCPA, etc.); Expertise on security trends and research to address potential security exposures; Strong written and verbal communication skills; and Knowledge of supplier resiliency requirements.
