Data Privacy Officer (CISO Office)

  • Category: Support Services
  • Team: Internal Risk and Compliance
  • Location: Chicago, Illinois United States

Description

Position at Trustwave

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely. Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.

Trustwave is looking for an Infosec practitioner with experience in Third Party Risk Management and Data Loss Prevention. These aspects play a critical role in the protection of our corporate and commercial infrastructures. Are you ready to run fast and keep up with the speed of commercial security needs? Are you passionate about risk management in the security industry? Come join the Trustwave CISO's office and make a difference.

The ideal candidate should have a successful history delivering remediated Risks, establishing and maintaining partnerships in organizations, and supporting Security Risk reduction across the company.

This role requires you to possess the technical skills to set high security standards with risk owners and the larger organization with the drive and experience to effectively scale in the fast-paced Global Cybersecurity Organization. You should know how to prioritize, communicate clearly and compellingly, and understand how to measure and drive improvement.

If you understand risks and risk requirements, can translate those insights to decision makers, come enjoy the benefits a solid teamwork and the power of unity in the Trustwave CISO's Office.

Can you lead the discussion and collaborate with Risk Owners on remediation of their issues, then come join us. 

Do you have the discipline, confidence and follow through to deliver results when the going gets ambiguous? We are looking for an individual with strong passion for ownership and accountability? 

You will be a critical part of an organization focused on positively influencing the security culture, with the ultimate goal of reducing security risk and ensuring the continued safety and security in our global data loss prevention, data privacy and third party risk assessment operations.

Responsibilities:

  • Own and lead a Risk Management program, providing strategic direction and day to day oversight.
  • Manage the Risk Management Framework, including identification of new and emerging risks.
  • Maintain a prioritized roadmap to address gaps and improve practices.
  • Communicate risk posture and risk tolerance to leadership, customers, and partners in a consistent voice and format.
  • Coordinate with Service Owners to assess risks and align controls across platforms.
  • Evaluate known issues and partner to identify/validate root causes and solutions.
  • Monitor and assess supplier performance to ensure compliance with client TPRM, regulatory requirements and service level agreements
  • Assess and monitor TPRM lifecycle activities (risk assessment & due diligence, contract negotiation, ongoing monitoring and termination), providing TPRM guidance to Vendor Relationship Owners, Client Audits team and partners
  • Update TPRM procedures to align with client TPRM guidelines.
  • Update TPRM procedures and risk rating methodology periodically with Operational Risk
  • Prepare third-party risk reports
  • Drive effective teamwork, communication, collaboration and commitment across multiple groups as part of the organization's remediation effort.
  • Communicate project issues and status in a concise, accurate, and professional manner
  • Work with vendors to support the DLP technology (troubleshooting, upgrades, etc.)
  • Administration of the DLP tools which includes configuring policies and reporting
  • Monitor and respond to alerts generated from the DLP systems and other technologies
  • Understand and follow the incident response process through event escalations
  • Respond to escalations by the Incident Response Team
  • Follow processes to maintain the DLP system 


Knowledge, Skills and Experience Requirements

  • Administration of the DLP tools which includes configuring policies, upgrading and patching, etc.
  • Proven effective verbal and written communication skills
  • Ability to independently research and solve technical issues
  • Demonstrated integrity in a professional environment
  • Knowledge of core Information Security concepts related to Governance, Risk & Compliance
  • Excellent teaming skills
  • Good social, communication and technical writing skills
  • Ability to work in and adapt to a changing environment
  • Respond to escalations by the Incident Response Team
  • Information Security concepts related to Governance, Risk & Compliance
  • Data Loss Prevention (DLP) Technology support and Event Handling 


Education Requirements

  • We prefer college-educated applicants, but if you have a, high school diploma or equivalent and can prove you have what it takes let us know.
  • Real world experience is preferred over certifications, but Professional certifications such as the Security+, GCIA, and/or CISSP would be nice to have 


Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

 

Share this opportunity

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. Offering a comprehensive portfolio of managed security services, consulting and professional services, and data protection technology, Trustwave helps businesses embrace digital transformation securely.Trustwave is a Singtel company and the global security arm of Singtel, Optus and NCS, with customers in 96 countries.

To All Agencies: Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.