Job Description

Overview

Together We Protect. Together we Change.

Want to apply your Insider Threat and Data Loss Prevention skills for a Fortune 200 company? If you have 8 plus years for IT experience, with at least 6 years in information security, along with experience in Data Loss Prevention and Insider Threats, we want to speak with you!

At Altria, we’ve developed an exciting new digital strategy, and now we need a Sr. Data Loss Prevention & Insider Threat Lead to help us reach our goals. Working within the Threat Detection and Response group (TDR), you’ll lead the development of a new Insider Threat Program while ensuring the smooth running of our existing DLP. You’ll work with technical and non-technical business partners alike. You’ll improve policy, process, technology, and Managed Service Provider governance. And you’ll use your data savvy to head off cybersecurity threats before they can manifest. We are open to remote work arrangements.

Altria’s digital evolution

We’re undergoing an exciting transformation at Altria. Led by our new Chief Digital & Technology officer, we’re streamlining processes, improving customer experience, and using cutting-edge intelligence to forecast and respond to trends. Our digital strategy will improve consumer, customer, and supply chain experiences business wide. And as a leader in Data Loss Prevention & Insider Threat, you’ll help us to achieve these ambitions in a safe, sustainable way.

What you will be doing:

Leading the development, and subsequent operationalization, of Altria’s Insider Threat Program
Driving continuous improvement of the DLP and Insider Threat program through strategic planning, strong governance of managed service providers, thoughtful engagement with business partners, and development of a thorough understanding of business practices to identify data loss and insider threat concerns; translating them into configurable technical policies.
Driving the optimization of robust and effective steady state DLP and Insider Threat program technical infrastructure and processes. Including development and qualification of new use cases, and associated development of new rules, testing, and tuning within associated technologies.
Providing ongoing governance and management of Managed Service Providers to ensure service delivery in accordance with contractual obligations, and meeting of Altria expectations.
Leading the creation of metric based reporting to aid in identification of risks, support continuous risk reduction, and drive delivery of managed services, constantly seeking opportunities to improve effectiveness of controls.
Driving the quality execution of DLP and Insider Threat program projects in accordance with project timelines.
Delivering effective, timely, and succinct communication of important topics, risks, and issues to relevant business partners.

We want you to have:

8+ years IT experience with at least 6 years in an information security role and related experience with Data Loss Prevention and Insider Threat Programs.
Knowledge of DLP technologies like Symantec/Broadcom DLP Suite, Symantec/Broadcom Cloud Access Security Broker (CASB), Symantec/Broadcom SEP, Microsoft Security Suite (Defender, DLP for OneDrive, etc.), and Microsoft AIP.
Knowledge of UEBA/UBA technologies such as Exabeam, Varonis, Qradar and Microsoft Cloud App Security.
Broad knowledge of Cloud Solutions (IaaS, PaaS, SaaS), IT technologies, operating systems, applications and network security platforms; including, Security Information and Event Management (SIEM) systems such as Qradar and Sentinel.
Broad understanding of IT security concepts and Defense-in-Depth practices.
Strong verbal/written communication, with ability to effectively interact with individuals at all levels of responsibility and authority; must be able to prioritize, delegate and foster the development of teams to lead/support an environment driven by customer service and team work; Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously; ability to participate in resource planning processes based on defined organizational plans.

Preferred:

BS in Cyber Security, Information Systems, Information Technology, or Computer Science
Experience working in an Azure cloud environment including security solutions such as Sentinel and integrated QRadar.
Experience with SOAR concepts, implementation and execution
Security certifications desired: CISSP, GCIH, CERT Insider Threat Manager or related