Data Privacy Analyst

POSITION SUMMARY

Have you always wanted to work for a dynamic, innovative company that has the agility of a start-up but has decades of experience as an industry leader within a fast-paced and growing industry like private aviation?

Flexjet, the second-largest private aviation company, is currently seeking a qualified candidate to join our IT department as a Data Privacy Analyst at one of our offices in the greater London area, United Kingdom.

As a Data Privacy Analyst, you will develop controls, policies, and operating procedures for accessing, storing, monitoring, and protecting the CIA of our organization’s data. You will also stay current on Data and Privacy related legislation and assist with ensuring regulatory compliance. Additionally, you will administer and address third-party and vendor security questionnaires, perform security audits, assist with risk assessments, and perform other duties as required pertaining to Information Security.

DUTIES & RESPONSIBILITIES

• Develop and implement information security policies and procedures
• Implement components of a layered InfoSec defense to protect data on-premise, in the cloud, and any BYOD devices
• Grow and mature our data security posture through use of Microsoft Purview and other tools
• Monitor on premise, cloud, and individual systems data for security breaches
• Investigate, document, and remediate data security incidents
• Work with the Data Privacy Officer to maintain an accurate data inventory and coordinate actions and responsibilities for overlapping areas of interest
• Provide regular updates on your areas of responsibility to team members and IT leadership
• Participate in the on-call rotation.
• Interact with vendors and partners as needed
• Must be flexible with the schedule and able to work outside of normal business hours as needed

EDUCATION & EXPERIENCE

• Bachelor’s Degree in Computer Science, Cybersecurity, or related field is preferred
• Cyber Security certification (CEH, CISA, CISM, CISSP, Security+)
• 3+ years of experience in Information Security
• 2-3 years of experience as a System Admin or equivalent role
• Comprehensive understanding of GDPR and DPA 2018 and experience in meeting such compliance requirements
• Experience with Microsoft Defender Suite, Microsoft Purview and E5 licensing
• Experience implementing a DLP program
• Working knowledge of a SIEM such as LogRhythm, Splunk, Azure Sentinel, Alien Vault or Rapid 7
• In depth experience working with Microsoft Server operating systems Windows 2012 and newer
• In depth experience working with Microsoft Client operating systems Windows 7 and newer
• Professional experience in a production environment supporting a multi-host hypervisor infrastructure such as VMWare or Hyper-V, supporting a mix of Windows and Linux workloads
• Experience operating and maintaining secure networks, systems and application architectures
• Experience planning, researching, and developing security policies, standards, and procedures

REQUIRED SKILLS

• Knowledge of Microsoft E5 licensing with a heavy focus on the Security and Compliance modules
• Knowledge of risk assessment tools, technologies, and methods
• Knowledge of disaster recovery, computer forensic tools, technologies, and methods

• Strong understanding of IPv4 Networking fundamental. TCP/UDP, Routing, VLANs, Subnet masking, DNS, DHCP, common protocols and ports. IPv6 is a bonus.

• Proficiency with Regular Expressions is required to perform custom DLP activities concerning classifications, exclusions, monitoring, and tuning
• Ability to communicate effectively with peers and management
• Solid understanding of Windows Server Technologies including Active Directory, File Permissions, Print Servers, Group Policies, Clustering
• Strong verbal and written communication
• Works well independently and as part of a team
• Manages time well, working on simultaneous challenges without undue stress.
• Flexibility and willingness to work in a changing environment.

DESIRED QUALITIES

• Strong GDPR Experience
• Experience with Microsoft InTune/Security/Compliance/
• Experience with Microsoft Defender for Endpoint and for Identity
• Experience securing data and access to data through use of a CASB
• Experience with Subject rights request, Privacy risk management, and Data lifecycle management
• Hyper-converged infrastructure experience is a plus
• ITIL knowledge is a plus
• Prior experience in travel or aviation industries a plus