DLP Program Lead - Kiewit Technology Group

Apply now »
Apply now

Date: Apr 16, 2019

Location: Omaha, NE, US

Company: Kiewit

Requisition ID: 79598

DLP Program Lead - Kiewit Technology Group

Position Overview:
The Information Security DLP Program Lead will be primarily responsible for leading and developing Data protection services at Kiewit. This role acts as an expert for the DLP program including supporting the remote portions of the organization. By providing expertise, this role is jointly accountable for the implementation, leadership and oversight of the DLP programs and services. The role will help lead in determining risk measurement and level, risk mitigation approaches and implement effective solutions and governance functions. The lead is responsible for interpreting policy, implementing security safeguards that integrate into business workflows and provide input to the Kiewit information security program. This role will provide an excellent opportunity to liaise with key external and internal stakeholders while strengthening Information Security capabilities. The DLP Program Lead will work with our other Information Security teams to develop and enforce policies, procedures, and technical controls and supervise and develop the data protection services. This lead will be part of a cross-functional security risk team that gathers technical and procedural information, deploys necessary tools to test and validate IT infrastructure, identifies vulnerabilities, analyzes information derived from engagements to determine information security risks and provides remediation assistance. This role will report to the Information Security Manager. 

Responsibilities:
•    Accountable for the development, communication, implementation, reporting, maintenance and oversight of the DLP program and associated processes. Ensure alignment to approved standards and regulatory requirements/guidance.
•    Develop, maintain and implement improvements to a landscape of technical security safeguards, including assessment and deployment of new capabilities, technologies, and systems
•    Develops key performance indicators, service level objectives and other operational metrics to continually measure and improve cyber security 
•    Performs security knowledge transfer to assist making security part of normal IT and business activities 
•    Conduct research focused on identifying emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase security posture
•    Identify and understand issues, problems, and opportunities as applied to security architecture; obtain and compare information from different sources to draw conclusions, develop and evaluate alternative solutions, solve problems, and choose a course of action
•    Develop roadmaps and deployment plans for technical solutions and related procedures in line with the information security program, in collaboration with internal (IT, legal, audit, business and other) and external stakeholders.
•    Lead and at times, perform, the evaluation of information security components of the enterprise architecture, conduct feasibility studies for selecting appropriate and cost-effective solutions
•    Oversee the complete development and adoption of data security services to ensure adherence to security design patterns and operational best practices
•    Manage third party relationships relating to additional security services as required (e.g., service/control testing).
•    Enhance team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members
•    Work with the security engineering, CIRT and operations teams and where necessary third-party specialists to support design, development and implementation of information security safeguards
•    Enhance the data classification process ensuring systems and information assets are appropriately categorized 
•    Serve as point of escalation, review and approval for key issues and decisions for the Security Engineers, Incident Response, and Operations staff relating to data security services
•    Provide security-related metrics for dashboards and presentations
•    Crosstrain on all other security platforms to gain proficiencies in those tools and platforms.
•    Assist in responses to internal and external compliance audits, penetration tests and vulnerability assessments. 
•    Ensure Information security staffing, training, and people development needs are being met
•    Evaluate performance and competency development of resources assigned to your projects with regular and effective performance feedback
•    Encourage feedback from team members, department leads, and team members. Utilize such feedback for self-improvement
•    Perform internal controls and information security risk assessments of existing or emerging technologies to identify inherent risk and evaluate key mitigating controls
•    Interpret business requirements and functional specifications to recommend security requirements 
•    Educate yourself to stay abreast of the latest developments, leading practices and trends in IT Security standards and solutions
•    Demonstrate a willingness to challenge existing practices and act as a change agent by sponsoring continuous improvement initiatives
•    Demonstrated Customer service supporting the overall customer experience. 

Qualifications: 
•    Experience and commitment in delivering significant value to organization as a trusted advisor
•    Strong oral and written communication skills with ability to understand technology sufficiently to clearly communicate the complexity in simple terms to bring clarity for key stakeholders.
•    Ability to exercise high level of confidentiality when dealing with highly sensitive information
•    Ability to lead complex, cross-functional problem-solving initiatives
•    Experience in information technology related positions with working knowledge of IT infrastructure, networks, databases, processing systems, web applications, mobile technology, cloud, big data, software development, API’s, and virtualization.
•    In-depth expertise and working knowledge of information security principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
•    Strong knowledge of application, database, unstructured data, AAA, cloud and infrastructure security

Bonus Points:
•    A GSEC,CISSP, CISM or equivalent professional certificate is preferred
•    Experience managing and developing a security program aligned with an industry standard such as NIST 800-53 or ISO-27002
•    Demonstrated success delivering complex technology projects with an emphasis on high customer satisfaction. 
•    Demonstrated ability to develop metrics, perform critical analysis and develop executive decision support content. 
•    High level of accountability and ability to execute; experience of estimating and planning work effort including managing risks and issues in relation to delivery of work
•    Commitment to ongoing professional development and development of team capabilities
•    Strong project management skills and the ability to effectively manage resources 
•    Demonstrated experience with technology and security policy and administration
•    Strong knowledge of regulatory standards that govern Information Security practices and state and federal privacy laws 
•    Illustrates advanced knowledge of organizational, processes and business models

Other common names for this role: Security Analyst, DOP Specialist, etc. 

About Kiewit 
As one of North America's largest, most respected construction and engineering organizations, with 2018 revenues of $9 billion, Kiewit exists to make a difference. We improve and connect communities across the United States, Canada, and Mexico through complex projects in transportation, water/wastewater, power, oil, gas and chemical, building, industrial and mining. Our services are as diverse as the skills of our 20,000-strong workforce to whom we provide challenging, honest work in a caring and collaborative culture. A sense of adventure, pride and fulfillment is built into every career at Kiewit.

How We’re Different
•    Consistently ranked within the top five of the “Top 400 Contractors” according to Engineering News-Record 
•    Top-tier health, dental and vision insurance available from Day One of employment
•    401K savings plan that includes company dollar-for-dollar match on contributions up to 6 percent of base pay
•    Our employees are entitled to accrue at least 20 days paid time off each year
•    We spend an average of $8,500 per employee each year on training and career development and reimburse up to $5,250 per year in outside tuition costs

Kiewit is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.


Nearest Major Market: Omaha
Nearest Secondary Market: Council Bluffs

Job Segment: Engineer, Law, Information Systems, Compliance, Database, Engineering, Legal, Technology

Apply now »
Apply now
Share this Job