SR. DATA SECURITY ENGINEER

The Data Security Engineering team is responsible for safeguarding data and systems against various threats, including unauthorized access, data breaches, and cyberattacks. This includes the engineering, deployment, and advanced support of critical control systems, security platforms, and associated workstreams or processes. The Cyber Engineering teams collaborate closely with peers within the Cyber Defense Organization and Technology teams to enable and support Comerica’s systems.
The ideal candidate will have experience developing and implementing security protocols and encryption to protect data both at rest and in transit. The ideal candidate will have experience enforcing DLP policies across a wide array of systems containing both structured and unstructured data.
The Sr. Data Security Engineer is accountable for the successful delivery of department-wide engineering efforts for distributed and complex systems. They are recognized as platform and domain experts across the business with a demonstrated history of cross-functional partnership and solutions design. The role is focused on providing technical leadership in the application of data security solutions and keeping in-touch with innovation in their target knowledge domain. The role will be expected to exhibit strong execution of projects of high to very high complexity in partnership with their assigned project resources. The Sr Data Cybersecurity Engineer is expected to provide direct support as a delegate of their Cybersecurity Engineering Manager in the areas of Risk Management, Third-Party Risk Management, Model Risk Management, and Business Continuity and Disaster Recovery planning.

POSITION QUALIFICATIONS:

• Bachelor’s Degree from an accredited university in Computer Science, Engineering or in a Technology related field OR equivalent through a combination of education and/or technology experience OR 12 years of technology experience
• 6 years of relevant work experience within Cybersecurity Engineering or Operations
• 6 years of experience in a combination of the following domains of knowledge: Network Engineering and Security, Endpoint Security or System Hardening, SIEM or Detection Engineering, Cloud Operations or Security Engineering, Fraud Detection and Analysis, Security Automation or Software Development, Data Engineering or Analytics, and Technical Risk Analysis
• 5 years of experience partnering with Architecture and Design teams to develop strategic initiatives and translate those into highly effective enterprise systems
• 3 years of experience working within an Agile team targeting an iterative release method for infrastructure and security services
• 3 years of experience working with general automation tools and processes like Python, Bash, Powershell, Git, etc.

PREFERRED QUALIFICATION/LICENSES/CERTIFICATIONS:

• Preferred, CISSP (Certified Information Systems Security Professional) CISM, CySA+, or other Expert-level certifications
• Preferred, Certifications within relevant Engineering Domain: CCNP/CCDA, GDSA, GCIA, GMON, GCDA, CCSP, RHCE, GPPA, GSA, AWS – Security
• Experience developing and maintaining data encryption, tokenization, and masking solutions across systems handling sensitive data (e.g., PII, PCI, account information)
• Experience administering DLP tools for endpoints, network, and SaaS platforms
• Extensive knowledge of the principles of data classification and labeling include confidentiality, integrity, and availability
• Experience in creating and managing dashboards and alerts to effectively monitor DLP violations
  WORK BEST CATEGORY:Category C - Days in the office will either be designated days or will vary week to week from 2-5 days
  HOURS:8:00am - 5:00pm Monday - Friday
  SALARY:To Be Determined Based on Individual Experience