SVP, Data Loss Prevention in New York, NY at Vaco

Date Posted: 7/12/2019

Job Snapshot

Job Description

Vaco is a private-equity backed solutions company that provides consulting, managed services, staffing, and placement services globally. Established in 2002 by "Big 4" consulting veterans, Vaco now has over 40 offices and has worked with over 9,000 clients. We have over 6,000 consultants and been named to Inc. magazine's list of fastest-growing private companies for the past 12 years. Vaco offers boutique services with global reach.

The Vaco Cyber Security team's success relies on the trusted relationships built with our clients. We recognize the challenge organizations encounter improving security, restructuring operations and handling risk while maintaining compliance and keeping costs down. Our information security specialists work closely with organizations to provide the solutions that best match business and security objectives. As a member of the team, you will have the opportunity to utilize and expand your skills through client experience and industry training while collaborating with security professionals across industries. Our team provides the full spectrum of security services to clients including, Strategy & Advisory, Identity & Access Management, Cyber Security Operations, Managed Services, Governance, Risk, and Compliance.

Looking for an exciting career opportunity as a Data Loss Prevention Specialist? Instead of being another faceless resume, let Vaco advocate for you! Right now, we are looking to fill a position for our Data Loss Prevention Team. With Vaco, you will have an advantage over your competition! Our information security practice maintains strong relationships with clients, connect your experience with the right consulting project-promoting your strengths to the manager while preparing you for that specific interview.

Our team will provide you with great insight about trends in the market - keeping you up to date on compensation expectations, opportunities to work on exciting, impactful projects, and opportunities for industry training and advancement. If you're an experienced, and you want to partner with the best, apply today

Responsibilities Include

* Lead the effort of building a DLP function within CyberSecurity.

* Build, develop, and maintain relationships with internal and external customers, and vendors to formulate DLP solutions for Freddie Mac.

* Partner with key stakeholders across the organization to understand Governance and business requirements to determine scope of DLP policies.

* Responsible for defining and documenting DLP processes/procedures to meet the objectives detailed in the DLP Charter and align with Governance requirements.

* Responsible for developing reports and defining metrics that help determine actual enterprise risk posture relating to data risk and effectiveness of the DLP Program.

* Coordinate the process of integration of DLP events into a UEBA tool with the DLP team and required stakeholders.

* Confirm DLP gaps identified from various sources are addressed as part of the DLP Program establishment effort.

* Work with required stakeholders to develop and submit evidence of action items being met to support remediation of a related open DLP issue.

* Conduct periodic risk assessments to confirm the risk of data loss is being managed effectively upon maturation of the DLP function.

* Must be able to present to different audiences and adjust accordingly (business, technical and management), either structured presentations or ad-hoc.

* Must be able to establish and maintain business relationships with individual contributors as well as management.


* 7+ years of Information Security or related risk management experience.

* Demonstrated experience with designing and implementing Security Risk Management programs.

* Proven written and verbal communication skills with both Business/Management and Technical/Engineering resources.

* Bachelor's degree in Computer Science, Information Technology, Business Management, related field or equivalent work experience.

* Relevant security knowledge and experience in two of the following areas: security operations, incident response, network/host intrusion detection, malware analysis, threat response.

* Ability to communicate clearly, effectively, persuasively and credibly with internal management and external senior level oversight entities.

* Experience in leading personnel.

Keys to Success in This Role

* Ability to develop mutually beneficial relationships inside and outside of the division

* Deep curiosity to learn about new trends and how to do things better

Top 3 Personal Competencies to Possess

* Partnership - Build trust and strong partnerships through my own and my team's actions

* Drive for Execution - Treat obstacles as challenges to overcome, not excuses

* Seek and Embrace Change - Continuously improve work processes rather than accepting the status quo

Preferred Skills

* CISSP or CISM certification. Other relevant certifications such as CIPT will be considered.

* Experience in the financial services industry.

* Experience working in a DLP role.

* Knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection).