• Serve as a thought leader for customers, delivering innovative ideas and strategic proposals to maximize the value of their Privacy, Security, Governance programs, and technology investments.• Design and implement comprehensive data governance frameworks, championing best practices, raising awareness of data controls, and enabling customers to unlock the value of their data assets.• Prepare, present, and effectively communicate key data governance and security issues, along with emerging trends, at customer Data Governance forums and management committees.• Maintain and ensure compliance with up-to-date documentation, including Records of Processing Activities (ROPA), data protection policies, privacy notices, retention schedules, and information security policies.• Provide guidance on secure architecture design, network security, and compliance with global regulatory requirements, ensuring robust protection of sensitive data.• Guidance for information security controls, including vulnerability management, incident response planning, and IT risk mitigation strategies aligned with industry standards like ISO 27001, NIST, and PCI-DSS.• Lead the delivery of Data Privacy Statements of Work (SOW), including pricing strategies, solution cost estimations, and compliance reviews in response to RFPs/RFIs.• Conduct security awareness training for stakeholders and develop policies to address insider threats, access control, and data lifecycle protection.

• Ensure ongoing compliance for unstructured data by delivering robust data protection and security approaches.• Oversee end-to-end unstructured data management and define a comprehensive data classification model for the organization.• Provide technical leadership in leveraging the Microsoft Azure platform (MIP) to support business units.• Collaborate with IT and business leadership to implement the organization’s Data Strategy.• Conduct first-level Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA).• Partner with the Data Protection Officer (DPO) to enhance data privacy metrics and strengthen compliance frameworks.• Coordinate with business units to address legal and regulatory data requests.• Work with the Disaster Recovery team to design, implement, and test recovery strategies.• Manage the DLP suite, including policy creation, deployment, and fine-tuning to minimize false positives.

• Conduct Cyber Security Maturity Assessments by embedding robust Information Security Management Systems (ISMS).• Ensure PCI compliance readiness through comprehensive assessments and remediation planning.• Manage end-to-end Vulnerability Management and drive policy compliance readiness.• Implement and oversee firewall risk assessment processes to enhance network security.• Establish and implement adequate security controls for onboarding new vendors.

• Conduct Information Security Audits, testing, and reviews of security controls to ensure compliance.• Perform baseline audits and create comprehensive asset registers.• Implement, configure, maintain, fine-tune, and troubleshoot the Symantec Data Loss Prevention (DLP) solution.• Execute internal audits, address findings, and assist clients during external audit processes.• Perform baseline reviews of UNIX and Windows operating systems, as well as databases like MS-SQL and Oracle.• Develop baseline documents and perform reviews of operating systems, databases, firewalls, network devices, and web servers following NIST guidelines.

• Provide consulting and implementation services to help clients enhance their information security posture by aligning with standards and frameworks like ISO 27001:2005 and PCI-DSS.• Perform Information Security Risk Assessments, including vulnerability scanning and mitigation in line with PCI-DSS requirements.• Generate and publish MIS reports for business reviews to ensure informed decision-making.• Share timely advisories with clients on emerging vulnerabilities and threats relevant to their assets.• Respond to security incidents involving malicious traffic using tools like Remedy, ensuring swift mitigation.• Deliver daily and weekly compliance reports, staying updated on emerging threats from sources like SANS and Symantec Deep-sight, and advising clients accordingly.• Verify and validate the remediation of vulnerabilities after tickets are marked as resolved.