Compliance Engineer

• As a Sr. Data Security and Compliance Engineer, you will be part of a highly collaborative team and work environment that delivers cutting edge data platforms and solutions at Client. The Security Compliance Engineer for Data Platforms is responsible for ensuring the security and compliance of data platforms within Client.
• This role involves implementing and maintaining security controls, policies, and procedures to protect data platforms from potential threats and vulnerabilities. The Security Compliance Engineer will collaborate with cross-functional teams to assess risks, monitor security incidents, and ensure compliance with industry standards and regulations.
• The role will also contribute to the development of security strategies and provide guidance to stakeholders on security best practices.

Responsibilities:

• Security Controls Implementation: Implement and maintain security controls across Snowflake data platform and Data Ingestion platforms including access controls, encryption, network security, and vulnerability management.
• Compliance Management: Monitor and ensure compliance with relevant industry standards, regulations (e.g., SOX, GDPR, HIPAA), and internal security policies.
• Risk Assessment: Conduct risk assessments on data platforms to identify potential vulnerabilities and threats. Provide recommendations and implement remediation measures to mitigate risks.
• Incident Response: Collaborate with incident response teams to investigate and respond to security incidents related to data platforms. Develop incident response plans and participate in incident response exercises.
• Security Audits and Assessments: Participate in security audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement. Address findings and implement necessary changes. Will work with Internal and external auditors to provide evidence required for compliance.
• Security Awareness and Training: Develop and deliver security awareness and training programs to educate employees on data platform security best practices.
• Documentation and Reporting: Maintain accurate documentation of security controls, policies, and procedures. Generate reports on security metrics, compliance status, and incidents for management and stakeholders.
• Security Strategy: Contribute to the development and execution of the organization's data platform security strategy. Stay updated on emerging threats and security technologies to recommend improvements.
• Conduct regular security audits and participate in SOX compliance audits, providing reports and recommendations for enhancements.