The College BoardRemote
Senior Engineer (Sr. Data Security Analyst)
United States of America
Full Time
5 days ago
$153,000 - $166,000 USD
No H1B
Key skills
PythonAIMachine LearningMLAnalyticsData MiningAWSAzureCommunicationCollaboration
About this role
College Board is a mission-driven, not-for-profit organization dedicated to excellence in education. They are seeking a Senior Engineer (Sr. Data Security Analyst) to play a critical role in identifying, assessing, and mitigating data-related risks across the organization while collaborating with various teams to enhance security posture and compliance.
Responsibilities:
- Define, implement, and maintain data classification, handling, and access control policies and standards across cloud and on-prem environments, leveraging data analytics to ensure policies address current threats
- Configure and tune DLP tools, DSPM, CASB, and cloud-native security controls to detect and prevent exfiltration of sensitive data or models, using statistical and machine learning techniques to optimize detection thresholds and reduce false positives
- Map and inventory sensitive data using security tools and support automated tagging to better inform security controls and data lifecycle management
- Provide subject matter expertise on encryption, tokenization, and access management for structured, semi-structured, and unstructured data
- Participate in risk assessments, control testing, and audits as needed with data owners across the organization, applying data-driven analysis to quantify risks and support evidence-based remediation plans
- Recommend enhancements to data protection tooling and processes based on emerging threats and lessons learned, incorporating trends from security analytics and predictive risk modeling
- Monitor data security alerts and anomalies supported by College Board’s security tools
- Triage data-related security events, interfacing with data custodians and escalating to the Cyber Defense Team as needed, leveraging behavioral analytics to improve prioritization
- Assist Cyber Defense in DLP investigations, utilizing forensic and data mining techniques to support root cause analysis
- Maintain awareness of threats and behavioral risks tied to data access, incorporating insights from user and entity behavior analytics (UEBA)
- Utilize internal AI agents to enable more accurate reviews, helping to automate the identification of high-risk data interactions and enhance the speed of investigation
- Work with Legal, Privacy, and Data Governance teams to align data protection practices with policies and laws
- Support regulatory and internal compliance needs related to data handling and privacy laws by providing evidence or information to Privacy or GRC as requested
- Deliver regular data security related reporting and metrics, incorporating trends, KPIs, and predictive indicators that highlight risks and drive continuous improvement
Requirements:
- 5+ years of experience in data security, cybersecurity, or information protection roles, ideally in mid- to large-scale environments, with a strong understanding of how data is collected, used, and protected across complex ecosystems
- Proven ability to leverage AI/ML or advanced analytics to uncover hidden risks, reduce false positives, and guide security decision-making
- Experience building AI-driven agents or automation scripts to accelerate DLP scans and/or investigations, prioritize alerts, or enrich incident data with contextual insights (Python experience is preferred)
- Hands-on expertise with data protection and governance tools and familiarity with leveraging these tools for data discovery, classification, and analytics
- Strong working knowledge of security principles including data classification, access control, encryption, tokenization, and privacy-by-design, with the ability to apply these concepts through a data-driven lens
- Experience working with AWS and Azure data sources, including the ability to analyze data flows and monitor risks to the data in cloud-native environments
- Experience conducting investigations into data loss, insider threats, or anomalous access behaviors using SIEM or endpoint security tools, and enhancing detection through behavioral analysis or anomaly detection models
- Excellent communication and collaboration skills, including the ability to translate technical findings for non-technical stakeholders and work cross-functionally across security, legal, IT, and data teams
- Strong organizational and analytical skills, with the ability to derive insights from large or complex datasets to inform security decision-making
- You are authorized to work in the United States
- A passion for expanding educational and career opportunities and mission-driven work
- Authorization to work in the United States for any employer
- Proficiency in Microsoft Suite Tools (or a willingness to learn)
- Curiosity and enthusiasm for emerging technologies, with a willingness to experiment with and adopt new AI-driven solutions and a comfort learning and applying new digital tools independently and proactively
- Clear and concise communication skills, written and verbal
- Evidence of skills and mindsets required to live out College Board's Operating Principles, notably: A commitment to candid, timely, respectful feedback, A learner orientation and an openness to ideas and diverse perspectives, The ability to push for excellence through data-informed decision-making, iterative learning, external benchmarking and user-inputs, Strong problem-solving skills, including the ability to break down complex issues and identify clear paths forward, A track record of prioritizing high-impact work, simplifying complexity, taking initiative, and making decisions quickly with clarity of purpose, A habit of collaborating across differences, practicing empathy, and contributing to a culture of trust and shared success