Director, Database Security and Data Protection

  • Company:
    Tekstaff IT Solutions
  • Location:
  • Salary:
    negotiable / month
  • Job type:
    Full-Time
  • Posted:
    2 days ago
  • Category:
    IT

Position: Perm 
Location: 2255 Sheppard Avenue East – remote to start.

Job Description:
Creating and managing the global data loss prevention (DLP) strategy for an enterprise hybrid cloud environment, working with architecture, IT and business partners.
Reporting to the AVP of Security Initiatives, the Director of Database Security and Data Protection will be accountable for the strategy, delivery, implementation and management of data security solutions in support of the overall Information Security program.  This includes working with the Data and Security Architects to develop a 3-5 year strategic investment plan to further improve our data loss prevention (DLP) posture and continued protection of our database environments, supporting Sun Life's mission-critical applications.
The Director of Database Security and Data Protection advises the AVP of Security Initiatives and the CISO on security direction, resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other Sun Life leaders to set the best balance between security strategies and other priorities at the Enterprise level.
Due to the strong strategic relationship with Data Management Services, the Director of Database Security will have a dotted-line reporting relationship to the AVP of Data Management Services. The Director of Database Security will be accountable for database security initiatives, developing database security strategy, and overall delivery.
 
Key Responsibilities/Job Functions:

  • Create and manage the global data loss prevention (DLP) strategy for an enterprise hybrid cloud environment, working with the required architecture, IT and business partners
  • Develop ongoing strategy for securing database technologies. An ability to translate knowledge into strategies, roadmaps and patterns is critical.
  • Provide strategic data security direction and in-depth expert knowledge in securing database environments required to support Sun Life's mission-critical applications.
  • Provide guidance on data loss prevention best practices and provide direction on how to ensure our on-premises, cloud and supporting ecosystems are secure from data loss vectors
  • Lead a global team of database security analysts who are operational custodians of all aspects of the Guardium Database Activity Monitoring (DAM), Guardium Data Encryption (GDE) and Vulnerability Assessment (VA) infrastructure. This includes installation, patching, upgrades and full lifecycle support.
  • Provide oversight on the development, implementation and maintenance of database activity monitoring and data encryption policies in co-ordination with Database Subject Matter Experts, cross-functional Information Security teams and Data Governance teams
  • Serve as product steward for the Guardium Data Encryption (GDE) Key Management Server
  • Perform regular Database Vulnerability Assessment scans against all database environments. Oversee the monitoring, reporting, compliance and related remediation efforts for open database vulnerabilities. Present Vulnerability Assessment results to leadership teams and executive steering committees.
  • Ensure database monitoring protection, processes, and governance are in place to monitor, detect, prevent and proactively react to database security threats
  • Participate in Information Security policy reviews, identify security policy changes that could impact database environments, and raise awareness of the process for implementing security strategies that prevent data loss and database service interruptions and preserve infrastructure stability.
  • Ensure database security is incorporated in all major database initiatives through close collaboration with database teams and enterprise architecture.
  • Develop, maintain and deploy database hardening standards that are aligned with industry best practices (CIS, STIG)
  • Define and document data security principles, standards and guidelines
  • Oversee and manage third-party security services vendors
  • Provide leadership and direction in support of crisis management, business continuity, disaster recovery, and incident response.
  • Ensure adherence to company policies for audit and security requirements.
  • Participate in required support processes, such as budget and supply/demand, with respect to anticipated demand. Provide historical analysis, trending and costing models that forecast the total cost of deployment and ongoing maintenance
  • Manage and direct team performance, establish a program of continuous improvement while ensuring employees are developing and progressing towards their objectives to maintain a high performing team
  • Work with leaders, at all levels, in proactive advancement of Guardium in order to leverage new technologies for business advancement.
  • Network with IT security professionals, technology vendors and industry contacts in order to keep up to date on how data security technologies are leveraged.
  • Communicate project deliverables, status and escalations upward to the executive level, in partnership with the Security Delivery Office
  • Participate in and chair global database security meetings with NA and Asia leadership teams to review overall database security program initiatives, including Database Vulnerability Assessments, Database Hardening Assessments and Compliance, the Data Activity Monitoring Program, Security Policy Exception tracking and other relevant Info Security program updates.

Qualifications:

  • Capable of creating the strategy for and driving the implementation of an enterprise-wide Data Protection (Data Loss Prevention – DLP) program.
  • Understanding of public, private and hybrid cloud security architecture of IaaS, PaaS and SaaS as it relates to Data Security and Data Protection. Knowledge of major cloud service providers.
  • University degree/college diploma in related discipline(s) or equivalent work experience, and/or 12+ years of IT security industry experience.
  • Professional designation in IT security management (such as CISM, CISSP, CISA) preferred
  • Good working knowledge of relevant database technologies across the spectrum of DBMSs, in particular Microsoft SQL Server, Oracle DB, DB2, PostgreSQL, and other relational database technologies. Application database operating systems: Windows, Linux and Unix
  • Strong knowledge of data security monitoring, data security analytics, security operations and information security management
  • Experience in enterprise-sized organizations. Good working knowledge of support processes such as Incident, Problem and Change Management.
  • Team management and people leadership. Strong presentation, consulting, negotiation, management, interpersonal, communication, motivational, organizational, and planning skills to mentor a team of systems specialists who are serving a variety of business units' needs.
  • Knowledge and understanding of relevant legal and regulatory requirements such as Sarbanes-Oxley Act (SOX)
  • Expert analytical and problem solving skills.
  • Nice to have: experience with data protection tools such as IBM Guardium (or similar), McAfee DLP and CASB (MVision)