The College BoardRemote
Senior Engineer (Sr. Data Security Analyst)
United States of America
Full Time
1 day ago
$153,000 - $166,000 USD
No H1B
Key skills
PythonAIMachine LearningMLAnalyticsData MiningAWSAzureCommunicationCollaboration
About this role
The College Board is a nonprofit organization dedicated to helping students navigate their path to college and career. They are seeking a Senior Engineer (Sr. Data Security Analyst) to safeguard information assets, support privacy and compliance goals, and enhance data security measures across the organization. This role involves collaboration with various teams to implement security controls and analyze data-related risks.
Responsibilities:
- Define, implement, and maintain data classification, handling, and access control policies and standards across cloud and on-prem environments, leveraging data analytics to ensure policies address current threats
- Configure and tune DLP tools, DSPM, CASB, and cloud-native security controls to detect and prevent exfiltration of sensitive data or models, using statistical and machine learning techniques to optimize detection thresholds and reduce false positives
- Map and inventory sensitive data using security tools and support automated tagging to better inform security controls and data lifecycle management
- Provide subject matter expertise on encryption, tokenization, and access management for structured, semi-structured, and unstructured data
- Participate in risk assessments, control testing, and audits as needed with data owners across the organization, applying data-driven analysis to quantify risks and support evidence-based remediation plans
- Recommend enhancements to data protection tooling and processes based on emerging threats and lessons learned, incorporating trends from security analytics and predictive risk modeling
- Monitor data security alerts and anomalies supported by College Board’s security tools
- Triage data-related security events, interfacing with data custodians and escalating to the Cyber Defense Team as needed, leveraging behavioral analytics to improve prioritization
- Assist Cyber Defense in DLP investigations, utilizing forensic and data mining techniques to support root cause analysis
- Maintain awareness of threats and behavioral risks tied to data access, incorporating insights from user and entity behavior analytics (UEBA)
- Utilize internal AI agents to enable more accurate reviews, helping to automate the identification of high-risk data interactions and enhance the speed of investigation
- Work with Legal, Privacy, and Data Governance teams to align data protection practices with policies and laws
- Support regulatory and internal compliance needs related to data handling and privacy laws by providing evidence or information to Privacy or GRC as requested
- Deliver regular data security related reporting and metrics, incorporating trends, KPIs, and predictive indicators that highlight risks and drive continuous improvement
Requirements:
- 5+ years of experience in data security, cybersecurity, or information protection roles, ideally in mid- to large-scale environments, with a strong understanding of how data is collected, used, and protected across complex ecosystems
- Proven ability to leverage AI/ML or advanced analytics to uncover hidden risks, reduce false positives, and guide security decision-making
- Experience building AI-driven agents or automation scripts to accelerate DLP scans and/or investigations, prioritize alerts, or enrich incident data with contextual insights (Python experience is preferred)
- Hands-on expertise with data protection and governance tools and familiarity with leveraging these tools for data discovery, classification, and analytics
- Strong working knowledge of security principles including data classification, access control, encryption, tokenization, and privacy-by-design, with the ability to apply these concepts through a data-driven lens
- Experience working with AWS and Azure data sources, including the ability to analyze data flows and monitor risks to the data in cloud-native environments
- Experience conducting investigations into data loss, insider threats, or anomalous access behaviors using SIEM or endpoint security tools, and enhancing detection through behavioral analysis or anomaly detection models
- Excellent communication and collaboration skills, including the ability to translate technical findings for non-technical stakeholders and work cross-functionally across security, legal, IT, and data teams
- Strong organizational and analytical skills, with the ability to derive insights from large or complex datasets to inform security decision-making
- You are authorized to work in the United States
- A passion for expanding educational and career opportunities and mission-driven work
- Authorization to work in the United States for any employer
- Proficiency in Microsoft Suite Tools (or a willingness to learn)
- Curiosity and enthusiasm for emerging technologies, with a willingness to experiment with and adopt new AI-driven solutions and a comfort learning and applying new digital tools independently and proactively
- Clear and concise communication skills, written and verbal
- Evidence of skills and mindsets required to live out College Board's Operating Principles, notably: A commitment to candid, timely, respectful feedback, A learner orientation and an openness to ideas and diverse perspectives, The ability to push for excellence through data-informed decision-making, iterative learning, external benchmarking and user-inputs, Strong problem-solving skills, including the ability to break down complex issues and identify clear paths forward, A track record of prioritizing high-impact work, simplifying complexity, taking initiative, and making decisions quickly with clarity of purpose, A habit of collaborating across differences, practicing empathy, and contributing to a culture of trust and shared success