6961 - Data Protection and DLP Program Manager (Must be local to Sacramento and be able to work on site)
Sacramento, California
Employer: Staff Tech
Industry:
Salary: Competitive
Job type: Full-Time
6961 - Data Protection and DLP Program Manager (Must be local to Sacramento and be able to work on site)
Location : Sacramento, Ca
Job Type : Temp/Contract
Reference Code : 6961
Hours : Full Time
Travel : No
Relocation : No
Job Description :
Contractor shall provide direction on industry standard best practices and compliance standards for Data Protection with focus on Data Classification and Data Loss Prevention (DLP). The scope shall include but not be limited to business requirements documents, system requirements documents, data flow diagrams, as-is and to-be, and requirements traceability matrix. Contractor's work shall include the following:
Review and recommend enhancements to the proposed Data Protection Program and its components: Data Classification and Data Loss Prevention (DLP), aligning these with the security program and architecture and defined data protection objectives and goals.
Review and/or revise and/or define and/or develop:
classification levels, discovery and classification initiatives, including identifying taxonomy for labels, data, and terms by outlining the categories needed for sensitivity labels, what information types need to be protected, and what levels of protection or security controls are needed per label.
data handling requirements and policies throughout the data lifecycle.
Data Classification and DLP Implementation Plan
Data Classification and DLP Administration and Monitoring Plan.
tactics for measuring and improving the program (metrics of effectiveness).
Provide guidance and/or develop the enterprise Data Classification and DLP policies.
Lead and provide guidance on Data Classification implementation, which includes Data Inventory and Data Prioritization.
Provide guidance on the assessment and selection of the appropriate technical solutions or tools. In order to meet both information security policy compliance requirements and military assessment findings, the enterprise DLP solution shall consist of a technical solution that integrates business functions and processes. Needed capabilities shall include: Optical Character Recognition (OCR) technology, end point protection, information security controls, compliance and policy customizations, develop DLP use cases to identify data types such as PCI, PHI, PII, data labelling and governance, M365 email integration, Cloud access security brokers (CASB), data discovery, data protection at rest and transit, network data protection, cross functional integration capabilities with existing DGS IT infrastructure, visibility to all data all the times, analytics to understand and manage risk, and consolidated view of all threats to sensitive data.
Provide guidance on and/or develop DLP rules and technical policies, including incident response strategies.
Lead and provide guidance to staff on configuration, implementation, testing, optimization, and deployment of the selected DLP tools and their integration with other systems or tools.
The Contractor shall transfer knowledge tostaff so that they may be able to conduct ongoing data classification and DLP administration on its own. Contractor shall develop a training program for staff involved in the administration/management of the Data Protection Program - with focus on Data Classification and DLP solutions.
Contractor shall assist or facilitate documentation of requirements of the California Department of Technology (CDT) Project Approval Lifecycle, Stage 2: Alternatives Analysis (S2AA).
Contractor shall provide direction on DLP functional requirements to be included in procurement documents based on workflow processes, reporting requirements and business needs. In coordination with the project team, Contractor shall draft and finalize a procurement package for the purchase of any DLP solution and develop potential solution/vendor contact list.
Contractor shall be responsible for providing touchpoint meetings and update the state at a frequency that will be determined and is best suited per the pace of the project, as outline by the project management plan timeline
Required Qualifications :
A minimum of seven (7) years information technology experience, five (5) years of which shall include performance of highly specialized work in a lead or expert capacity.
A minimum of five (5) years full time experience gathering business, functional and technical requirements.
A minimum of (5) years full time experience with Data Classification program development and implementation.
A minimum of five (5) years full time of experience with
analysis and implementing enterprise DLP solution(s)
performing DLP on a large-scale IT engagement similar in scope and size as the DGS organization.
knowledge and experience implementing enterprise DLP architecture and technical solution(s).
implementing enterprise DLP processes including developing use cases, data classification, policy customization and integration with proposed technical solution.
experience on a Large-scale IT Engagement with functions that include preparation of deliverables; task monitoring, management, and coordination; and developing communication plans, project schedule management, and status reports.
a Large-scale IT Engagement performing technical and analytical tasks that include configuring a DLP enterprise server environment, monitoring and detecting sensitive and personally identifiable information (PII) during data at rest and data in motion, and applying security polices within a DLP enterprise environment.
performing DLP tasks that include knowledge and experience with DLP tools; Data Classification Tools; implementation and modification of DLP policies; configuration; and optimization of a DLP solution.
and knowledge of DLP best practices, DLP Enterprise Architecture, and process flow diagram creation.
A minimum of three (3) years full time of experience facilitating sessions with multiple stakeholders dealing with highly regulated, complex processes.
A minimum of three (3) years full time of experience in defining process metrics and key performance indicators.
A minimum of three (3) years full time of experience in communicating complex business rules and regulations.
Location : Sacramento, Ca
Job Type : Temp/Contract
Reference Code : 6961
Hours : Full Time
Travel : No
Relocation : No
Job Description :
Contractor shall provide direction on industry standard best practices and compliance standards for Data Protection with focus on Data Classification and Data Loss Prevention (DLP). The scope shall include but not be limited to business requirements documents, system requirements documents, data flow diagrams, as-is and to-be, and requirements traceability matrix. Contractor's work shall include the following:
Review and recommend enhancements to the proposed Data Protection Program and its components: Data Classification and Data Loss Prevention (DLP), aligning these with the security program and architecture and defined data protection objectives and goals.
Review and/or revise and/or define and/or develop:
classification levels, discovery and classification initiatives, including identifying taxonomy for labels, data, and terms by outlining the categories needed for sensitivity labels, what information types need to be protected, and what levels of protection or security controls are needed per label.
data handling requirements and policies throughout the data lifecycle.
Data Classification and DLP Implementation Plan
Data Classification and DLP Administration and Monitoring Plan.
tactics for measuring and improving the program (metrics of effectiveness).
Provide guidance and/or develop the enterprise Data Classification and DLP policies.
Lead and provide guidance on Data Classification implementation, which includes Data Inventory and Data Prioritization.
Provide guidance on the assessment and selection of the appropriate technical solutions or tools. In order to meet both information security policy compliance requirements and military assessment findings, the enterprise DLP solution shall consist of a technical solution that integrates business functions and processes. Needed capabilities shall include: Optical Character Recognition (OCR) technology, end point protection, information security controls, compliance and policy customizations, develop DLP use cases to identify data types such as PCI, PHI, PII, data labelling and governance, M365 email integration, Cloud access security brokers (CASB), data discovery, data protection at rest and transit, network data protection, cross functional integration capabilities with existing DGS IT infrastructure, visibility to all data all the times, analytics to understand and manage risk, and consolidated view of all threats to sensitive data.
Provide guidance on and/or develop DLP rules and technical policies, including incident response strategies.
Lead and provide guidance to staff on configuration, implementation, testing, optimization, and deployment of the selected DLP tools and their integration with other systems or tools.
The Contractor shall transfer knowledge tostaff so that they may be able to conduct ongoing data classification and DLP administration on its own. Contractor shall develop a training program for staff involved in the administration/management of the Data Protection Program - with focus on Data Classification and DLP solutions.
Contractor shall assist or facilitate documentation of requirements of the California Department of Technology (CDT) Project Approval Lifecycle, Stage 2: Alternatives Analysis (S2AA).
Contractor shall provide direction on DLP functional requirements to be included in procurement documents based on workflow processes, reporting requirements and business needs. In coordination with the project team, Contractor shall draft and finalize a procurement package for the purchase of any DLP solution and develop potential solution/vendor contact list.
Contractor shall be responsible for providing touchpoint meetings and update the state at a frequency that will be determined and is best suited per the pace of the project, as outline by the project management plan timeline
Required Qualifications :
A minimum of seven (7) years information technology experience, five (5) years of which shall include performance of highly specialized work in a lead or expert capacity.
A minimum of five (5) years full time experience gathering business, functional and technical requirements.
A minimum of (5) years full time experience with Data Classification program development and implementation.
A minimum of five (5) years full time of experience with
analysis and implementing enterprise DLP solution(s)
performing DLP on a large-scale IT engagement similar in scope and size as the DGS organization.
knowledge and experience implementing enterprise DLP architecture and technical solution(s).
implementing enterprise DLP processes including developing use cases, data classification, policy customization and integration with proposed technical solution.
experience on a Large-scale IT Engagement with functions that include preparation of deliverables; task monitoring, management, and coordination; and developing communication plans, project schedule management, and status reports.
a Large-scale IT Engagement performing technical and analytical tasks that include configuring a DLP enterprise server environment, monitoring and detecting sensitive and personally identifiable information (PII) during data at rest and data in motion, and applying security polices within a DLP enterprise environment.
performing DLP tasks that include knowledge and experience with DLP tools; Data Classification Tools; implementation and modification of DLP policies; configuration; and optimization of a DLP solution.
and knowledge of DLP best practices, DLP Enterprise Architecture, and process flow diagram creation.
A minimum of three (3) years full time of experience facilitating sessions with multiple stakeholders dealing with highly regulated, complex processes.
A minimum of three (3) years full time of experience in defining process metrics and key performance indicators.
A minimum of three (3) years full time of experience in communicating complex business rules and regulations.
Created: 2024-05-19
Reference: 6961
Country: United States
State: California
City: Sacramento
ZIP: 95820