Data Protection Engineer III - Andover, MA

Apply

Job Summary:

The data protection analyst is a practitioner responsible for securing and monitoring all data accessed, transmitted and stored throughout the business and third parties. The data protection analyst is involved throughout the entire data lifecycle, from inception through disposal, ensuring access to data is managed and maintained following rigorous security, engineering and governance principles. The analyst works closely with business units and stakeholders to help with data access, ownership and enforcement of policies, rules and safeguards. The analyst works closely with IT team members, cybersecurity operations/responders and third parties, and must be technically proficient with data protection technologies, including data loss prevention (DLP), cloud access security broker (CASB), data classification, privacy, behavior analytics, encryption and GRC.

The analyst must collaborate with technical and non-technical teams to design, implement and manage data protection processes that reduce risks from insider threats and data breaches. The role is expected to be knowledgeable about data storage and identity and access management, and adept at understanding security architecture with internal and hosted services. Continual assessment and validation of controls is required to ensure protection aligns with policies, procedures and risk oversight. Analysts support senior management to help maintain a safe and secure enterprise technical operation. Additionally, analysts work closely with incident response and security operations center (SOC) personnel when events and suspected incidents surface.

Job Responsibilities:

• Serve on a distributed security and technology team responsible for establishing and maintaining data protection technical controls.

• Align data protection policies and procedures with the corporate governance structure.

• Develop, refine, and produce clear metrics and insights on data protection, risk trends, and control effectiveness

• Work closely with security leadership, teammates and stakeholders to evaluate and implement data protection controls that align with organizational risk posture and compliance requirements.

• Support and maintain a wide range of data protection technologies, including but not limited to DLP, CASB, behavioral analytics, insider threat, data classification, data governance and encryption.

• Secure and monitor data on-premises, in cloud infrastructure and within applications required to support a dispersed remote workforce.

• Manage and test business rules protecting data, as well as the use and handling of data assets.

• Conduct data discovery to locate data at risk, as well as validate existing data storage has not been altered.

• Document data protection policies and exceptions, and periodically review with business units.

• Make recommendations for improvements to ensure least privilege to data and rigorous security practices, without negatively impacting end-user experience or leading to employees attempting to circumvent controls.

• Execute tactical requests supporting the strategic vision for rigorous and scalable data protection controls.

• Maintain understanding of business processes to aid in managing enterprise data protection.

• Frequently interact with business units to understand their plans, risk posture and tolerance, and how to share responsibility and support their vision and business obligations securely.

• Implement data protection projects from inception to completion on time and within budget.

• Openly support the organization, the management team and executive leadership team, even during times of adversity.

• Analyze systems and data sources for accidental, malicious and unauthorized activities.

• Develop relationships with engineering, IT, incident response, SOC and software engineering team members.

• Openly support the organization, management and executive leadership, even during times of adversity.

• Perform other duties as assigned.

Required Qualifications:

• Bachelor's degree in a related field- (Information Security/ IT)
• Typically requires 4 years' experience in security systems administration, to include 2+ years' technical hands-on data protection practitioner experience.

• Experience with administering directory services, databases, role-based access, DLP, data classification and governance solutions.
• Experience with Information Protection and develop and enhance insider threat and information protection policies.

• Experience with regulatory requirements and laws, such as Sarbanes-Oxley Act (SOX), GDPR & CMMC.
• Experience in one or more of the following is required: ISO 2700x, ITIL, NIST Cybersecurity Framework (CSF).
• 
  

  This position requires you to have or obtain a government security clearance. Security clearances may only be granted to U.S. citizens.

  
  

Preferred Qualifications:

• 
  

  Active U.S. Secret Clearance.

  
  
• Some basic experience with one or more scripting languages (e.g., Python, PowerShell and Bash).

#LI-RL1

"This position requires you to access information that is subject to U.S. export regulations. You may only access such information if you are a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. government."

.Fulltime Equivalent Job Grade Salary Range for this position
* $75,000.00 - $150,000.00 annual salary for in-office or hybrid employees in FL, GA, IN, AZ, AL, MD or TX, and all remote employees
* $84,000.00 - $168,000.00 annual salary for in-office or hybrid employees in VA, CA, NH or MA
* $88,500.00 - $177,000.00 annual salary for in-office or hybrid employees in NJ

Mercury Systems is a technology company that makes the world a safer, more secure place. We push processing power to the tactical edge, making the latest commercial technologies profoundly more accessible for today's most challenging aerospace and defense missions. From silicon to system scale, Mercury enables customers to accelerate innovation and turn data into decision superiority. Headquartered in Andover, Massachusetts, Mercury employs more than 2,300 people in 24 locations worldwide. To learn more, visit mrcy.com

Our Culture

We are committed to making Mercury a great place to work, no matter where our employees are located. We offer a casual and enjoyable atmosphere that allows employees to learn and grow. We help and care for one another and work as one to achieve results for us and for our customers. We value communication and transparency, and strive to foster two-way dialogue at all levels of the organization. We are committed to lifelong learning, offering comprehensive skills training and tuition reimbursement. Whether you're just starting out on your career journey or you are an experienced professional, it's important to us that you feel recognized and rewarded for your contributions.

To find out more about Why Mercury?, or visit the Mercury Community or find answers to general questions at Mercury FAQs

Mercury Systems is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex (including pregnancy), sexual orientation, gender identity, national origin, genetic information, creed, citizenship, disability, protected veteran or marital status.

As an equal opportunity employer, Mercury Systems is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants that require accommodation in the job application process may contact the number below for assistance.

(978) 256-1300

Click here read about our recent press release.