First Quality Enterprises, Inc. (FQE), founded in 1988, is a global multi-billion dollar privately held company with over 5,000 employees. Its corporate offices are located in Great Neck, New York, with manufacturing facilities and offices in Pennsylvania, South Carolina, Georgia, Canada, and China. FQE is a diversified family of companies manufacturing consumer products ranging from Absorbent Hygiene (adult incontinence, feminine care, and baby care), Tissue (bath and towel), and Industrial (non-woven fabrics, print and packaging materials, thermoformed plastics), serving institutional and retail markets throughout the world. FQE focuses on private label and branded product lines.
Our core business philosophy is built on a proud culture driven by safety and quality, respect, humility, integrity, customer focus, and teamwork. With leading edge manufacturing technologies and processes and visionary leadership, FQE is positioned to continue significant growth in the coming years. We are seeking an experienced Information Security Data Loss Prevention Manager for our First Quality Enterprises business. This position will be located in Great Neck, NY.
This position is responsible for the overall Data Governance Program which consists mainly of the implementation of a Data Classification and Data Loss Prevention program. This includes support of technologies, processes and user training & awareness. This position has several principle responsibilities as outlined below. This position reports to the Director of Information Security Strategy and Governance.
The Manager of the Information Security Data Loss Prevention program will be tasked with identifying, classifying and tracking data throughout the enterprise based on First Quality's data classification levels. The manager will determine if adequate security controls are in place or if additional controls are required to protect the data based on regulatory, legal and best practice requirements. The Data Loss Prevention Manager will work alongside the Director of Information Security Strategy and Governance and other team members to enable DLP rules in existing toolsets and manage future DLP solution(s) deployments. The Manager will be responsible for reviewing and escalating issues related to DLP. The Manager shall ensure sound security practices are built in throughout the data management lifecycle from creation through retention and disposal.
Primary responsibilities include:
- Mature the Data Classification Program by identifying and classifying data throughout the enterprise and at third parties
- Mature the Data Loss Prevention Program by defining DLP rulesets in existing tools such as Varonis, CASB, Next Generation Firewalls etc. and review outputs to determine the appropriate action required
- Develop and drive the implementation of security best practices and standards to mature the overall Data Governance Program which includes defining data security controls throughout the data lifecycle from creation through disposal
- Work with business to identify Data Owners and educate and train Data Owners on their security responsibilities
- Directly responsible for developing, implementing and assessing data security procedures and controls to ensure compliance with applicable regulatory and legal requirements, First Quality policies as well as leading industry practices
- Drive appropriate stakeholder participation in evaluation of risk and control effectiveness
- Establish and maintain Key Performance Indicators (KPIs)and Key Risk Indicators (KRIs)for the Data Governance security program and initiatives
- Maintain expertise on security trends through training and research to ensure potential security exposures can be mitigated
- Liaise with key functional teams such as HR, IT, Digital Strategy, Finance, Internal Audit, Enterprise Risk, Quality, Office of General Counsel and the Business to identify data and apply appropriate security controls to secure the data
- Work with the Office of General Counsel to ensure the Information Security team stays abreast of new regulatory, legal and/or compliance data security requirements
The ideal candidate should possess the following skills:
- B.Sc. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent); Security certifications such as CompTIA Security +, CISSP, CISA, or equivalent or working towards certification is preferred
- 5 - 7 years' experience working directly in an Information Security or Information Technology department with experience in data loss prevention programs and data classification
- Experience in designing and implementing technical solutions for data security, including DLP, Digital Rights Management, eDiscovery and encryption
- Proficiency with technologies such as CASB, Digital Rights Management, eDiscovery, SharePoint, Varonis, CyberArk, 0365 suite of applications
- Excellent written and oral communications skills; ability to lead discussions, present complex ideas to audiences of all sizes, and interact with all levels of the organization
- Ability to work collaboratively in a team environment
- Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, ISF Standard of Good Practice, HIPAA
- Ability to work independently with little direction and/or supervision
- Ability to prioritize and multitask and a work approach that supports flexibility and adaptability is paramount
- Ability to communicate security risks to non-technical business stakeholders
- Big 4 experience a plus
- Occasional travel: Up to 15%
Excellent compensation and benefits, which are effective the first day of employment!
Equal Opportunity Employer
Careers.org gives you access to over a million jobs and career opportunities across the US including in Great Neck.
Find your perfect job and apply directly through a simply online application process