Deputy General Manager - Global Information Security

Job Description

We are seeking a highly experienced and visionary Head of Data Security Engineering to lead the design, implementation, and continuous improvement of our data security strategies across the enterprise. In this senior leadership role, you will be responsible for building and directing a high-performing team of data security engineers, partnering with cross-functional teams, and ensuring robust protection of critical data assets in a rapidly evolving threat landscape. The ideal candidate possesses deep technical expertise, strong leadership skills, and a passion for innovation in data security.

Key Responsibilities

Strategic Leadership & Vision

Define and drive the overall data security engineering strategy in alignment with business objectives and regulatory requirements.

Lead the development of long-term roadmaps for data protection, data loss prevention (DLP), encryption, and secure data processing.

Serve as a thought leader and advisor to executive management and other senior stakeholders on emerging data security trends, tools, and best practices.

Team Management & Development

Build, mentor, and manage a diverse and high-performing data security engineering team, fostering a culture of collaboration and continuous learning.

Oversee talent acquisition, performance management, and professional development plans to ensure the team remains at the cutting edge of data security knowledge.

Establish processes and standards for engineering best practices, code review, and secure development lifecycle.

Data Security Architecture & Engineering

Design and maintain scalable, secure data architectures that protect sensitive information throughout its lifecycle (collection, storage, processing, and transfer).

Collaborate with product, platform, and infrastructure teams to integrate security controls seamlessly into data pipelines, databases, and applications.

Evaluate and implement advanced security technologies (e.g., encryption at rest and in transit, tokenization, key management systems, DLP solutions) to protect enterprise data assets.

Governance, Risk & Compliance

Work closely with the Governance, Risk, and Compliance (GRC) teams to ensure adherence to regulatory mandates (e.g., GDPR, CCPA, HIPAA, PCI-DSS) and internal policies.

Develop and maintain documentation of data security standards, procedures, and guidelines to meet compliance and audit requirements.

Conduct regular assessments, audits, and penetration tests to identify vulnerabilities and ensure continuous improvement in data protection measures.

Incident Management & Response

Establish robust incident response plans for data breaches or security incidents, including escalation procedures, containment strategies, and root-cause analyses.

Coordinate with the Security Operations Center (SOC) and other stakeholders to ensure swift and effective response to data-related threats.

Perform post-incident reviews to capture lessons learned and enhance future preparedness.

Cross-Functional Collaboration

Partner with engineering, DevOps, IT, Legal, and other functional teams to embed secure practices throughout the software development lifecycle and data lifecycle.

Provide subject matter expertise for architecture reviews, data classification, and secure coding guidance.

Engage with stakeholders to communicate complex security issues and influence strategic decisions that support data security objectives.

Technology Evaluation & Innovation

Evaluate emerging security technologies, tools, and services, making recommendations for strategic investments to strengthen the organizations data security posture.

Lead proof-of-concept projects to assess the feasibility and effectiveness of innovative data protection solutions.

Stay current on industry trends, evolving threats, and best practices in data security engineering.

Qualifications & Experience

Education :

Bachelors or Masters degree in Computer Science, Information Security, Engineering, or a related field.

Relevant certifications such as CISSP, CISM, GIAC, or CCSK preferred.

Technical Expertise :

Extensive experience (15+ years) in data security, information security, or related engineering roles, with a solid track record in a leadership capacity.

Hands-on proficiency with data security architectures, cryptography (encryption, key management), DLP solutions, and secure database / storage technologies.

Strong understanding of cloud environments (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes), with a focus on security controls and best practices.

Knowledge of regulatory requirements (GDPR, CCPA, HIPAA, PCI-DSS) and industry frameworks (ISO 27001, NIST, SOC 2) related to data security.

Leadership & Soft Skills :

Demonstrated ability to lead, coach, and scale high-performing engineering teams.

Exceptional communication skills to effectively collaborate with technical teams, executives, and cross-functional partners.

Strong problem-solving, analytical, and decision-making abilities to navigate complex technical and organizational challenges.

Experience in managing multiple priorities in a fast-paced, dynamic environment.

Personal Attributes

Strategic Thinker : Able to translate complex security challenges into actionable strategies that support business goals.

Innovative Mindset : Constantly seeks out new ideas and approaches to elevate data security capabilities.

Results-Driven : Committed to delivering measurable outcomes, optimizing resources, and driving continuous improvement.

Collaboration Champion : Leads by example in fostering a shared vision and collaborative culture.

Skills Required

key management, Cryptography, Encryption