Data Protection Analyst
New York Life Insurance Company ("New York Life" or "the company") is the largest mutual life insurance company in the United States. Founded in 1845, New York Life is headquartered in New York City, maintains offices in all fifty states, and owns Seguros Monterrey New York Life in Mexico.
New York Life is one of the most financially strong and highly capitalized insurers in the business. The company reported 2016 operating earnings of $1.954 billion. Total assets under management at year end 2016, with affiliates, totaled $538 billion. As of year-end 2016, New York Life's surplus was $23.336 billion. New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody's Aaa; Standard & Poor's AA+. (Source: Individual Third Party Ratings Report as of 8/17/16).
Financial strength, integrity and humanity-the values upon which New York Life was founded-have guided the company's decisions and actions for over 170 years.
The Data Protection Analyst is skilled professional who enjoys security / privacy / risk related work and is knowledgeable in data protection including but not limited to data loss prevention, discovery, data classification and data access. This person will be responsible for supporting our data protection operations and will work closely with our 3rd party partners in support of the data protection platforms.
The well qualified candidate will work within our data protection program to enable the operational needs and requirements to support the various data protection services such as (but not limited to) DLP, DAR, and database protection. The candidate will also engage with our managed service providers to ensure they are performing their required responsibilities and continuously look for process improvements.
Role & Responsibilities
- Principal data protection analyst responsible for supporting data protection tools, processes and service providers
- Understand, utilize, monitor, and assist in the support of data protection tools: Symantec Data Protection Suite (Insight, Vontu, etc) Varonis, Imperva, and others.
- Ability to fully understand business requirements and work with business partners to define appropriate solutions; meeting both security mandates and business needs.
- Be a champion for data protection and information security; including broadening awareness, use of the team's services and education of security best practices.
- Provide mentorship and support to teammates with regard to data protection and mitigation techniques and approaches.
- Using a risk based approach, analyze New York Life data protection against open / closed information sources to best prioritize vulnerability hygiene activities.
- Develop and improve KPIs, metrics, and trend analysis for data protection functions.
- Ensure follow up and resolution to system alerts
- Follow up on data protection alerts with business users and systems owners
- Collaborate with data protection engineering team, providing continuous improvement feedback loop
- Work with data protection engineering on systems maintenance, upgrades, and implementations
- Work with business users to understand business process to better tune monitoring systems
- Create and maintain runbooks and/or Standard Operating Procedures
- Produce reporting as required to manage systems as well as providing management with required monthly, quarterly, yearly and adhoc
- Work with 3rd parties, monitor activities, and ensure SLA compliance
- Ensure compliance with IT GRC's and TDLC
- Escalate issues and collaborate with engineering, 3rd parties, Event Management, Threat Intelligence and Incident response.
- Familiar with industry standard security best practices and vulnerability management processes; including vulnerability management standards and regulatory compliance reporting
- Experience with vulnerability scanning tools (Qualys preferred) and other vulnerability and risk management reporting platforms (RiskSense Preferred).
- Demonstrate knowledge of IT security / hardening best practices; including but not limited to operating systems (e.g.; Windows, Unix, Linux), web applications, and network devices.
- Demonstrated knowledge of networking concepts and devices (Firewalls, Routers, Switches, Load Balancers, etc.)
- Excellent analytical and problem-solving skills.
- Demonstrated ability to participate in cross functional teams; including offsite, remote and with offshore resources.
- Experience working in very large enterprise environment with diverse teams.
- Effective written, verbal communication skills. Ability to tailor communication style to audience at hand and to effectively communicate with technical and non-technical resources.
- Self-directed, works with minimal guidance, and recognizes when guidance needed.
- Demonstrated ability to stay contemporary with the evolving security technology space.
Knowledge of NY DFS, NIST, COBIT, PCI, HIPAA, ISO, and other control frameworks.
General Experience, Education and Professional Certifications:
- Minimum 3-5 years of operational experience in IT Security
- BA/BS Degree in Engineering, Computer Science, or equivalent experience in Cyber Security and Engineering.
- Preferred: CompTIA Security+, SSCP, CISSP or similar certifications
If you have difficulty using or interacting with any portions of this Web site due to incompatibility with an Assistive Technology, if you need the information in an alternative format, or if you have suggestions on how we can make this site more accessible, please contact us at: (212) 576-5811.
Based on revenue as reported by "Fortune 500, ranked within Industries, Insurance: Life, Health (Mutual)," Fortune Magazine, June 17, 2016. See http://fortune.com/fortune500/ for methodology.
Total surplus, which includes the Asset Valuation Reserve, is one of the key indicators of the company's long-term financial strength and stability and is presented on a consolidated basis of the company.
1. Operating earnings is the key measure use by management to track Company's profitability from ongoing operations and underlying profitability of the business. This indicator is based on generally accepted accounting principles in the US (GAAP), with certain adjustments Company believes to be appropriate as a measurement approach (non GAAP), primarily the removal of gains or losses on investments and related adjustments.
2. Assets under management represent Consolidated Domestic and International insurance Company Statutory assets (cash and invested assets and separate account assets) and third party assets principally managed by New York Life Investment management Holdings LLC, a wholly owned subsidiary of New York Life Insurance Company.
Nearest Major Market: New Jersey
Job Segment: Database, Engineer, Accounting, Computer Science, Risk Management, Technology, Engineering, Finance
Back to top