Address
Form of workFidelity National Financial, Inc. (NYSE:FNF) is a leading provider of title insurance and transaction services to the real estate and mortgage industries. FNF is the nation's largest title insurance company through its title insurance underwriters - Fidelity National Title, Chicago Title, Commonwealth Land Title, Alamo Title and National Title of New York - that collectively issue more title insurance policies than any other title company in the United States. More information about FNF can be found at fnf.com.
FNF is seeking a Sr Engineer of Data Prevention to join the Information Security Office (ISO) in either the Jacksonville, FL office or REMOTE. This position will report to the Director of DLP & Insider Threat Engineering. The Sr. Engineer will support FNF’s DLP toolsets, Insider Threat Management, DLP Investigation, Secure Data Transmission, and Cloud Data Protection initiatives. An ideal candidate must be fluent in DLP technologies and methodologies, root cause analysis and risks management, security best practices standards, and audit and regulatory frame works.
• Develop, deploy, and manage target state DLP technologies, integrations, and policies.
• Manage full lifecycle of design and support evolution of engineering, system administration and daily operations of DLP technologies and services with a focus on continuous service improvement.
• Manage full lifecycle of design and support evolution of engineering, system administration and daily operations of Secure Web Gateway (SWG) technologies and services with a focus on continuous service improvement.
• Manage and mature DLP program-related controls, documentation, testing and alignment with risk management framework.
• Assess business requirements of the various lines of business and align solutions to balance enablement of the business with appropriate security controls.
• Collaborate with other security groups to ensure alignment of strategies and ensure control coverage.
• Support creation and documentation of business process aspects of the DLP initiative including process and procedure manuals, training, employee communication, workshops, business unit orientation and on-boarding, and team meetings.
• Work with DLP Response team to deliver measurable metrics reporting, Key Risk Indicators (KRI’s) and Key Performance Indicators (KPI’s) that will be used for reporting to stakeholders and board of directors and continuous improvements for the program.
• Work with various Audit, Compliance and Assessment teams and programs to identify, assess and mitigate operational risks, evaluating the adequacy and effectiveness of the platform, standards, procedures, processes, and internal controls.
• Support adherence to applicable Security Controls, Policies, and Standards; partner with business owners and technology groups to synchronize plans to remediate gaps.
• Participate in afterhours activities, as necessary, such as an on-call rotation and critical incident investigations.
• BS/MS in Computer Science or Business with emphasis in IT or equivalent is optional, but highly desired.
• Relevant cyber security certifications, such as CISSP, CISM, are optional, but highly desired.
• Experience with Microsoft MIP, Proofpoint, Varonis, or IBM Guardium.
• Experience with SOAR technologies.
• Experience with ServiceNow Security Incident Management.
REQUIREMENTS:
• 6+ years of Cybersecurity, Security Engineering and/or Governance Risk and Compliance related experiences.
• Experience with Enterprise SWG solutions, design, implementation, and operations.
• Experience with Enterprise DLP, UBA, UEBA, CASB, DAG, DAM, software solutions, design, and implementation.
• Experience building and maintaining custom DLP detection and prevention policies.
• Experience with designing and building web security policies.
• Experience successfully working within a globally distributed/remote organization of team members and key program stakeholders.
• Experience gathering, developing, and documenting business/technical requirements.
• Experience taking requirements and translating them to technology through evaluation and implementation.
• Experience mentoring and training peers and junior level resources.
• Experience interfacing with Sr. leadership to present both situation reports and business proposals for strategic change/improvements.
