Senior Data Privacy and Protection Analyst

At Barings, we are as invested in our associates as we are in our clients. We recognize those who work diligently for us and reward them for personal and professional integrity, communication skills, distinct competencies and expertise in specific strategies, ability to collaborate as a team member and true dedication to the interests of our clients.

We thank you for your interest in joining the Barings team, and invite you to explore our current employment opportunities.

Title: Senior Data Privacy and Protection Analyst  

Department: Information Security

Location: Charlotte, NC or London, UK

Job Summary

The Senior Data Privacy and Protection Analyst utilizes business knowledge in combination with technical skills to monitor, detect, identify, analyze, evaluate, report and assist in the response of data privacy and protection related security events.  The Data Privacy and Protection (DPP) team operates in partnership with the Cyber Security, Governance and Operations teams to drive a security-first IT organization.

This role will work closely with all areas of IT, business units, strategic partners and vendors to ensure proper privacy and protection controls are implemented in an effort to reduce risk to the global firm. This role requires expertise in problem solving and a solid understanding of common security controls and data privacy.

Primary Responsibilities

The Senior Data Privacy and Protection Analyst is responsible for daily monitoring and evaluation of data events. The candidate should be passionate about information protection and data usage, including the willingness to learn, adapt and advance. This position will constantly monitor developments in data privacy and protection areas and data security technologies alongside global changes in data privacy laws as well as general information security best practices and new technologies.

As part of these processes:

• Assistance with internal monitoring, alerting, incident management and other ‘business as usual’ privacy & protection tasks.
• Operation of Data Security IT controls (for example: Palo Alto, Purview and Proofpoint)
• Production of comprehensive documentation and reporting.
• Maintain a sufficient level of knowledge of the prevalent technical and privacy risks to Barings to assist in the prioritization of response plans and mitigating controls.  

The expectations of this position, as stated above, are not all inclusive, but do indicate the major responsibilities of the position. Other responsibilities may be assigned as necessary to support the business environment.

Skills

• Technical, security vendor or cyber-risk certifications such as CISSP, CompTIA Security+, GSEC, GCIH, CCSP, Microsoft SC-200/400, CISSP, CTIA, OSCP.
• Proven experience with security technologies such as SIEM platforms, Endpoint Detection & Response, DLP, WAF, CASB, SASE and Privilege Access Management.
• Familiarity with secure architecture principles, zero trust and cloud security principles and settings.
• Good understanding of Security frameworks NIST CSF, ISO 27001, CIS controls, MITRE ATT&CK.
• Event Monitoring and Incident Response.
• Understanding of encryption mechanisms (data at rest and transit)
• (Basic) scripting and coding i.e. regex, specifically to be able to write\understand data parsing expressions.
• General understanding of Risk Management Frameworks.
• Represent Data Security at appropriate risk oversight committees and boards.
• Contribute to the development, implementation, delivery and support of the IT Security strategy.
• Ability to collect, describe and display technical information in a way to help decision making.
• Strong troubleshooting and problem solving skills.
• Promote a culture of secure by design
• Ability to work independently.

Qualifications

• Bachelor’s degree in Information Systems, Computer Science, Information Security, Cybersecurity, Information Assurance (IT related) or equivalent experience, preferred.
• 2+ years of technical and hands on experience in information security – though not necessarily in a corporate environment if such experience is demonstrable.
• Strong problem solving skills and thinking outside the box.
• Strong analytical skills required.
• Excellent verbal and written communication skills and the ability to interact professionally with a diverse group including; executives, managers, IT personnel, and subject matter experts.
• Ability to communicate clearly and effectively within various levels of the organization.

Certifications

• With proven experience in a senior security or IT infrastructure operations role
• Understanding of Data security objectives for large financial service businesses
• Experience in a regulated industry is highly desirable; financial services preferred
• IAPP certifications such as CIPM, CIPP/EU or CIPT certification or an academic equivalent of these certifications

Requisite Skills

Additional Skills

Barings is an Equal Employment Opportunity employer; Minority/Female/Age/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply.