BERWYN, PA, US
18 days ago
Manager, Data Protection Risk (Remote)

At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world. 

Job Overview

The ideal candidate for the Data Protection Risk Manager will have a passion for building data-centric security programs that protect the confidentiality of sensitive data and a strong desire to be part of a growing information security team in a high-volume, dynamic environment. This individual will focus on the execution and coordination of data protection governance, risk, and compliance processes related to a broad range of global threats, regulations, and requirements.  
The Data Protection Risk Manager is vital to the Governance, Risk, and Compliance (GRC) team within TE’s Security & Risk Management (SRM) function. The SRM function is part of TEIS (TE Information Solutions). It is globally responsible for information/data security, cybersecurity, technology risk and controls, IT compliance, and related areas across TE Connectivity.  

 

RESPONSIBILITIES:

Develop and lead the implementation of an enterprise-wide Data Protection Risk & Governance program that ensures the confidentiality of sensitive information in alignment with TE’s culture and business priorities.   Identify and lead strategic projects to enhance and mature data classification, labeling, data loss prevention, encryption, cloud data security protection, etc.; negotiate the sequencing and timing of project delivery with stakeholders. Lead evaluation of new Data Protection solutions and services, providing a business case and recommendations on investment in solutions and technologies Work with business and technical groups to assess data protection risks, recommend enhanced governance and controls, perform self-assessments, and suggest improvements in control design. Drive collaboration among diverse teams to develop and implement data protection controls appropriate to TE businesses and processes. Develop and implement communication strategies to maintain stakeholder visibility and awareness of all Data Protection initiatives. Lead data protection change management, knowledge base, awareness, and communication for enterprise-wide programs Oversee data security/protection audit findings and remediation plans, track progress, and coordinate cross-functional interactions. Create and maintain documentation regarding TE’s data protection controls to support audits and certifications. Oversee and govern data protection controls that meet TE global policies, regulatory requirements, and customer contractual requirements. Perform and update data protection risk assessments across both on-premises and cloud environments. Identify gaps in the design and operating effectiveness of data protection controls and identify improvements that reduce risk and/or align TE with industry-recognized internal control frameworks. Develop and maintain data protection dashboard, metrics roadmap, and scorecards. Manage and/or liaison with teams developing and implementing insider risk programs, data inventory, and other risk or governance solutions and capabilities. 
  What your background should look like:

SKILLS & KNOWLEDGE

In addition to passion and expertise in data protection, this role requires change leadership who can build relationships, influence stakeholders, communicate clearly, work cross-functionally, and interact effectively at all levels of the organization.

 

Qualifications:

Expert knowledge of data protection and information security-related risks and controls, including classification & labeling; data loss & leakage; ransomware (data exfiltration & digital extortion); and employee data usage monitoring. General knowledge of data protection technology capabilities and use cases, including data security platforms (e.g., Varonis), Data Security Posture Management solutions, DLP solutions, digital rights management, CASB, EUBA, encryption/tokenization, database security, etc. General knowledge of industry frameworks for IT/cyber security (NIST, ISF Standards of Good Practice, ISO 27001) concerning data protection. Familiarity or experience with the following is a plus: Data governance models and best practices, including roles and responsibilities for data management to include Data Owners and Data Stewards, data lifecycle, retention, and destruction requirements  Artificial intelligence risks and best practices, including Generative AI (e.g., ChatGPT, Microsoft Copilot, etc.)  Product engineering systems and file formats (CAD), R&D, “crown jewel” intellectual property, or trade secrets  Global privacy regulations  Global trade compliance regulations  Ability to track and manage numerous parallel activities. Ability to identify opportunities for continuous improvement and execute them.  Ability to work efficiently and independently with minimal supervision (i.e., self-motivated and willing to stretch to meet essential deadlines). Ability to work successfully in a cross-functional team environment. Bachelor’s degree (High School +4 years)   Active security certification (CISSP, CISM, CRISC, or CISA) or equivalent is a plus. Years of experience: 7-10 years or more Competencies Values: Integrity, Accountability, Inclusion, Innovation, Teamwork

COMPENSATION
•    Competitive base salary commensurate with experience: $138,500 - $200,000 (subject to change dependent on physical location)
•    Posted salary ranges are made in good faith. TE Connectivity reserves the right to adjust ranges depending on the experience/qualification of the selected candidate as well as internal and external equity.
•    Total Compensation = Base Salary + Incentive(s) + Benefits
BENEFITS
•    A comprehensive benefits package including health insurance, 401(k), disability, life insurance, employee stock purchase plan, paid time off and voluntary benefits.

EOE, Including Disability/Vets

Confirm your E-mail: Send Email