The Estee Lauder Companies Director, Data Classification in Long Island City, New York
Director, Data Classification
Brand: Estée Lauder Companies
The Global Information Risk and Security (GIRS) Director focused on Data Classification will be responsible for advancing enterprise data security efforts by implementing an enterprise Data Management and Classification Program and managing other related work involving the identification, classification, labeling, and protection of corporate information.
This individual will also be responsible for managing risk assessment activities across the enterprise to determine the sensitivity of new and existing data and to determine the controls needed to identify, classify, protect, and monitor both structured and unstructured data present in the Company’s environment to prevent unauthorized access, loss, or compromise.
This individual will manage the assessment and implementation of process improvement programs for data management, classification, and security.
This role necessarily deals with highly confidential and sensitive information, and the role is expected to confirm to best handling practices.
Set direction and manage the development of the Data Management and Classification Program, which includes searching for sensitive and regulated data on Company systems; identifying key information owners; providing guidance on classifying, labeling, and the use/handling of data; and assisting with the design and implementation of data classification and rights management solutions. (40%)
Collaborate with various stakeholders and business leadership to identify, define, implement, and maintain sensitive and business critical data in accordance with legal, regulatory, contractual, and industry standards. (20%)
Plan, develop, and oversee the implementation of programs to educate users on corporate policies related to information classification, labeling, use, and handling. (15%)
Develop and publish data classification metrics, reports, and updates. (15%)
Coordinate with stakeholders and information owners to conduct and refresh inventories of sensitive and regulated data residing on the Company’s network. (10%)
Experience managing data classification and data lifecycle processes. Broad understanding of data classification concepts and products. Experience working with the concepts of data integrity, privacy, and security. Thorough understanding of general network components, concepts, and tiered architectures. Experience implementing and managing Data Loss Prevention (DLP) solutions. Detailed knowledge of the elements that constitute PII (personally identifiable information), personal health information, sensitive financial information, and credit card information.
Experience overseeing risk management techniques and practices. In-depth knowledge of the use and application of commonly used IT security controls, such as encryption, authentication techniques, logging, contingency planning, etc.
Experience documenting standard operating procedures and working with senior management to gain acceptance. Experience developing and presenting training and educational materials. Hands-on experience responding to internal audit findings by researching solutions and recommending process improvements.
Demonstrated communication skills with the ability to build relationship with business stakeholders to get results. Experience using Microsoft Office products, such as Microsoft Excel, PowerPoint and Word. Project management experience is desired.
Experience handling, securing, and communicating highly confidential and sensitive information.
Job: Information Technology
Primary Location: Americas-US-NY-Long Island City
Job Type: Standard
Shift: 1st (Day) Shift
We are an equal opportunity employer. Minorities, women, veterans, and individuals with disabilities are encouraged to apply.
Job Number: 192132