Mizuho Americas Services LLC

Apply for this job

Business Risk & Control – Data Loss Prevention (Finance)



Business Risk & Control - Data Loss Prevention Vice President

The Business Risk & Control - Data Loss Prevention team is a 1st Line of Defense (LoD) focused on Information Security. Liaison between Information Security Office, IT Security and the Business Control Teams to be in line with the Information Security Framework. The DLP Monitoring Team role is to prevent, detect, monitor and report the loss or unauthorized dissemination of proprietary information from various vectors (physical, email, web, etc.) across MUSO.

Responsibilities

As a Vice President team lead member of the Data Loss Prevention (DLP) team, reporting to both the DLP Director and the Business Information Security Officer (BISO), the individual will oversee the monitoring of external electronic communication within the Mizuho environment. Their responsibilities include assisting DLP team members in providing comprehensive DLP event reports, managing incidents through identification, review, escalation, and resolution of DLP events, and updating/revising classification and DLP rules/policies in collaboration with Business and Control Teams. The role emphasizes data protection, encompassing awareness/training, data classification, secure email, and scanning to identify information security gaps in unstructured data. A strong focus on DLP initiatives is necessary for advancing the Information Security Framework at Mizuho. These projects will require close supervision by the DLP team and active participation in new strategic initiatives.

  • Possesses strong communication and leadership skills, with the ability to manage and prioritize multiple projects and initiatives effectively.
  • Comprehensive knowledge of cybersecurity risk management and information security standards.
  • Collaborating with end users to ensure the project aligns with business requirements
  • Facilitate effective meeting discussions by presenting materials that are well-prepared and pertinent to the tasks at hand.
  • Daily triage of reports generated by the Data Protection solution and/or centralized incident logs.
  • Conducting continuous monitoring of alerts for individuals, focusing on repeat offenders, anomalies, issue severity, and significance.
  • Conducting research to identify false positives
  • Conduct Email Forensic Monitoring to identify any policy violations.
  • Gathers findings, determines root cause, and suggests long-term solutions for business processes.
  • Escalate incidents and alerts to the appropriate Business Unit or Team Leads when required.
  • Conduct incident response tracking and reporting and ensure the closure of incidents following their resolution.
  • Assist in the preparation of KPI/KRI reports for Risk Committees and other governance-related activities.
  • Recommend enhancements to Data Protection awareness campaigns and training sessions tailored for different employee profiles.

Qualifications

Industry Background: Corporate Banking/Capital Markets - Financial Services

Years of Experience: 3+ years in related field; A team leader in an Information Security role.
Relevant Risk / Functional Experience: Information Security, Data Protection/Loss Prevention, Incident Alert Reporting/Processing, Case Management, Root Cause Analysis, working within SLA timeframes, Executive Management Reporting and Collaboration, Experience with Electronic Investigation, Forensic Tools and Methodologies, Log Correlation.

Behavioral Competencies: Complex workflow management; Strong interpersonal and communication skills, Ability to handle highly sensitive information in a very professional and confidential manner, and with the highest integrity; Problem solver; Possesses strong organizational and analytical skills; Team player; Self‐motivated and willing to adapt to an evolving work environment; Fosters cooperation, communication and commitment among groups and teams.

DLP tools - accustomed to one or more DLP tools such as Microsoft DLP (Purview/Defender), Netskope, Global Relay, Archer, ServiceNow, or Securiti. Proficiency in MS Word, Excel, and PowerPoint.

Certifications: CISM, CISSP, CISA, CIA - Preferred

The expected base salary ranges from $106,000.00 -$150,000.00. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.

#LI-Hybrid

#LI-NR1 Apply

Apply Here done