Solutions Engineering Lead

Overview

POSITION OVERVIEW

FNF is seeking a Solutions Engineering Lead of Data Protection & Governance (DPG) to join the Information Security Office (ISO). This position will be reporting to the Senior Director of Data Protection & Governance and will be responsible for developing and leading technology solutions for the following sub-domains:

Data in Transit Security - Data Loss Prevention (DLP)/ Insider Threat Management (InTM), DLP Investigations, Secure Data Transmission, Cloud Data Protection

Data at Rest Security- Data Security Posture Management (DSPM), Data Discovery, Data Inventory, Data Access Governance, Database Activity Monitoring

Data Protection Strategy & Governance- Security Metrics/Reporting, Governance Framework assessment, Policy & Standard development, Roadmap development, Line of Business consultation and governance.

This position will be responsible for leading solution engineering for Data Protection & Governance technologies, developing supporting programs and roadmaps. Ideal candidate must be fluent in Data Protection technologies with a focus on Data Loss Prevention (DLP), Data Access Governance (DAG), Data Inventory & Classification Solutions, Digital Rights Management (DRM), security best practices standards, and audit and regulatory frame works.

LOCATION

• This position can sit hybrid out of our HQ in Jacksonville, FL or be 100% remote.

DUTIES & RESPONSIBILITIES

• Partners with DPG SMEs to design, solution and support Data Loss Prevention technologies and operations both on premise and in cloud services.
• Partners with DPG SMEs to create requirements for evolving Data Protection technologies, security best practices in conjunction with security architecture.
• Assesses business requirements of the various lines of business and align solutions to balance enablement of the business with appropriate security controls.
• Partners with DPG SMEs to leverage data science and decision models to enhance DPG technologies and integrate with User Behavior Analytics (UBA) / User Entity Behavior Analytics (UEBA) solutions.
• Creates, documents, and manages the business process aspects of the DPG initiative including process and procedure manuals, training, employee communication, workshops, business unit orientation and on-boarding, and team meetings.
• Partners with DPG SMEs to deliver measurable metrics reporting, Key Risk Indicators (KRI’s) and Key Performance Indicators (KPI’s) that will be used for reporting to stakeholders and board of directors and continuous improvements for the program.
• Works with various Audit, Compliance and Assessment teams and programs to identify, assess and mitigate operational risks, evaluating the adequacy and effectiveness of the platform, standards, procedures, processes, and internal controls.
• Oversees adherence to applicable Security Controls, Policies, and Standards; partner with business owners and technology groups to synchronize plans to remediate gaps.

MINIMUM REQUIREMENTS

• BS/MS in Computer Science or Business with emphasis in IT or the equivalent combination of education, training, and work experience.
• Requires 10+ years of IT Security Engineering & Architecture related experiences in engineering and implementing Data Protection programs & technologies.
• Experience with Data Protection software solutions, design, and implementation (e.g., DLP= Proofpoint, Zscaler, Forcepoint; DSPM/DAG = Varonis, Stealthbits, Guardium; Data Inventory, Classification, DRM= Microsoft MIP, Purview, BigID)
• Requires 5+ years of experience in evaluating Data Protection technologies, gathering, developing, and documenting business/technical requirements, translating requirements to technology through evaluation and implementation.
• Experience interfacing with executive leadership to present both situation reports and business proposals for strategic change/improvements.
• Experience successfully working within a globally distributed/remote organization of team members and key program stakeholders.
• Experience mentoring and training peers and junior level resources.

PREFERRED EXPERIENCE

• Relevant cyber security certifications, such as CISSP, CISM, etc.