Principal Information Security Specialist
Mumbai, IN
Nomura
Nomura Holdings website. Group companies, news releases, services, CSR, IR, careers information.Duties & Responsibilities:
Job Overview:
Global CISO (Chief Information Security Office) is looking for a Senior Data Security Engineering professional, this individual will lead data security engineering initiatives and collaborate closely with other technical and business stakeholders to protect and secure sensitive information. The ideal candidate has extensive knowledge in data security engineering, is adept at managing complex data security projects, and deliver enterprise level data protection solutions.
As the senior Data Security Engineering professional, you will have the opportunity to shape and define Nomura’s data security engineering roadmap, lead strategic deliveries, and drive compliance with regulatory and industry standards.
Responsibilities:
- Lead the data security engineering team, providing mentorship, guidance, and support to ensure successful project delivery and career development.
- Define the data security delivery roadmap in alignment with overall security and business objectives.
- Develop & Implement data discovery, classification, and labelling activities using tools such as BigID, Microsoft Information Protection (MIP), and other similar solutions.
- Develop and implement robust DLP and DRM solutions across different data exfiltration channels such as Email, Web, Print, USB etc.
- Develop automated workflows and processes for data protection across structured and unstructured data sources.
- Implement data security technologies and tools such as key management, encryption, masking, and tokenization.
- Partner with cross-functional teams including product management, architecture, operations, and data governance.
- Act as the subject matter expert (SME) on data security topics and provide guidance to leadership and technical teams.
- Develop best coding practices for consistency, maintainability, scalability & documentation.
Essential:
- Established Data Security Engineering lead with at least 13 years within the broader Information Security engineering disciplines and technologies.
- At least 5 years of experience in security engineering, with a focus on data security, secrets management, and encryption.
- Proven experience in leading and managing a team of data security engineers.
- Hands-on experience in setting up development/engineering activities throughout SDLC including integration with CI/CD pipeline.
- Hands-on experience with data security tools such as BigID, Microsoft Information Protection (MIP), Symantec DLP, IBM Guardium, or similar.
- Expertise in data protection technologies, including DLP, DRM, data classification, encryption, masking, and tokenization.
- Strong knowledge of encryption standards and technologies, such as AES, RSA, and PKI and key management tools & technologies such as HSMs, AWS KMS, or similar.
- Strong understanding of industry best practices on code maintenance, versioning, branching and documentation.
- Proficiency in scripting (e.g., Python, PowerShell) and programming languages (e.g. Java, C#) for automation, custom development etc.
- Experience in secrets management tools and technologies, such as HashiCorp Vault, Conjur, AWS Secrets Manager or similar.
- Demonstrable understanding in cloud security and securing data in cloud platforms (AWS, Azure, GCP etc.).
Beneficial:
- Advanced security certifications such as CISSP, CISM, CCSP, or equivalent.
- Experience in developing and managing data security programs and strategic initiatives.
- Knowledge of established information security frameworks and standards (i.e. NIST, ISO2700, CSA, SCF) and their application into diverse environments.
- Knowledge of emerging technologies such as artificial intelligence and machine learning for data security analytics, PQC etc.
- Familiarity with security operations tools, SIEM platforms, and incident management systems.
Personal Characteristics:
- Excellent interpersonal skills with the ability to build and influence; and self-motivated.
- Committed to continuous improvement for team and self.
- Ability to run with multiple tasks concurrently and manage expectations appropriately.
- High level of integrity, professionalism, and attention to details.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AES Analytics Artificial Intelligence Automation AWS Azure C CCSP CI/CD CISM CISO CISSP Cloud Compliance Encryption GCP Governance Java Machine Learning NIST PKI PowerShell Python RSA Scripting SDLC SIEM
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.