Subject Matter Expert

**Subject Matter Expert (Data Security)**:
We are looking for a motivated and experienced **Subject Matter Expert** with solid experience on Data Security to join our team

**Job Requirements and Qualification**:

- 5 years of relevant experience in the industry Mining, Resources, Banking or Telco, domain areas such as in Data Security, Insider Threat Mitigation, Endpoint/Cloud Security.
- Experience in managing DLP, CASB, Data Classification, IRM/DRM, DAM.
- Interest in people-centric security technologies & behavioral sciences to enhance insider threat mitigation.
- Very good understanding of Cybersecurity best practices, standards, and guidelines (NIST, NITTF, Privacy, CNSSD-504).
- Excellent verbal and written communication skills and the ability to interact professionally with a diverse group of stakeholders and SMEs.
- Strong analytical skills, including thorough understanding of how to interpret business needs and mapping data flows from multiple sources.
- Certified as Cyber Security Professional (CISSP and/or CISM, CISA, CRISC preferred or equivalent).
- Team player, highly self-motivated and able to work in full autonomy, prioritize and execute tasks.
**Job Roles and Responsibilities**:

Drive business collaboration and adoption of the data security tools, ensuring the business is trained in the appropriate usage thereof.
- Identify specific business opportunities for data security requirements and execute processes to capture new requirements and enable technical controls in response.
- Own and manage Information Protection tooling including review and approval of changes and system/product configuration.
- Develop and maintain close relationships and influence stakeholders to support business data protection from a proprietary data as well as from a privacy standpoint.
- Gather and analyze their needs in terms of data protection, formalize the necessary type of controls to mitigate the risk of data compromise and ensure audit trail of activities undertaken.
- Proactively lead the design review, threat modelling, security review and testing of systems from an insider threat point of view as well as reporting on issues identified and recommendations with a red team mindset.