Carlyle Group

Associate Vice President, Data Security

Carlyle Group$170K — $190K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree required; Master's preferred in related technical field or finance.
  • CISSP, CISM, or equivalent security certifications required.
  • 6+ years of relevant technical experience in data security required.
  • Hands-on expertise in Enterprise Data Loss Prevention (DLP) Architecture and Implementation.
  • Experience with Data Security Posture Management (DSPM) and data discovery technologies.

Responsibilities

  • Lead strategy and implementation of enterprise data loss prevention (DLP) initiatives.
  • Oversee content inspection technologies for sensitive data detection.
  • Guide adoption of AI/ML techniques to enhance DLP effectiveness.
  • Ensure comprehensive data protection coverage across all environments and platforms.
  • Establish and mature DSPM capabilities for risk assessment and data classification.
  • Drive prioritization of data security risks from misconfigurations and excessive permissions.
  • Integrate insights from multiple data protection technologies for a unified security posture.

Benefits

  • Comprehensive benefits package including retirement benefits and health insurance.
  • Paid time off and paid holidays included.
  • Eligibility for family planning benefits and wellness programs.
  • Participation in an annual discretionary incentive program based on performance.
Full Job Description
Basic information

Job Name:

Associate Vice President, Data Security

Location:

Washington, DC

Line of Business:

Global Technology & Solutions

Job Function:

Investor Services

Date:

Friday, May 22, 2026

Position Summary

Position Summary

The Associate Vice President of Data Security provides strategic leadership and direction for the enterprise data security program, ensuring the confidentiality, integrity, and availability of sensitive data across the organization. This role leads the design, execution, and continuous improvement of data security initiatives that align with business objectives, regulatory requirements, and evolving threat landscapes.

The AVP of Data Security oversees complex, multi-year security programs and high-impact projects, coordinating cross-functional teams across technology, engineering, legal, compliance, and business units. Through strong program and project management discipline, the role drives measurable risk reduction, ensures timely delivery of security initiatives, and maintains accountability for outcomes.

As a senior leader, this position bridges technical data security capabilities with organizational priorities, translating risk and security requirements into actionable strategies for executive stakeholders. The role is responsible for guiding the adoption and optimization of data security technologies-including data classification, encryption, data loss prevention (DLP), identity and access controls, and monitoring solutions-while establishing governance, metrics, and reporting to assess program effectiveness and maturity.

In-Office Requirement: 4 days per week

Responsibilities

Primary Responsibilities
• Lead the strategy, implementation, and optimization of enterprise DLP capabilities to prevent unauthorized disclosure of sensitive data, including PII, PCI, MNPI, and proprietary investment information.
• Oversee content inspection technologies leveraging pattern matching (e.g., SSNs, account numbers), keyword analysis, and checksum validation.
• Guide adoption of AI/ML-based DLP techniques that incorporate user behavior analytics and contextual risk to detect anomalous data activity.
• Ensure coverage for data at rest, in motion, and in use across endpoints, email, cloud collaboration platforms, and SaaS applications.
• Establish and mature DSPM capabilities to continuously discover, classify, and assess risk across enterprise data stores, including cloud platforms, data warehouses, and investment systems.
• Drive risk-based prioritization of data exposures caused by misconfigurations, excessive permissions, and insecure data flows.
• Integrate DSPM insights with DLP, IAM, encryption, and cloud security controls to create a unified data protection posture.
• Define metrics, reporting, and executive dashboards to communicate data risk and posture trends to senior leadership

Qualifications

Requirements

Education & Certificates
• Bachelor's degree, required
• Master degree in a related technical field or finance, preferred
• CISSP, CISM, or other vendor agnostic security certifications
• Microsoft Purview Data Loss Prevention experience required

Professional Experience
• Minimum of 6+ years of overall relevant technical experience, required
• Enterprise Data Loss Prevention (DLP) Architecture and Implementation
• Data Security Posture Management (DSPM) and Data Discovery
• Data Protection Technologies and Controls
• Advanced Data Monitoring and Analytics: Familiarity with content inspection techniques (pattern matching, checksum validation, keyword analysis) and AI/ML-driven analytics, including user behavior analytics (UBA/UEBA), to detect anomalous data access and potential exfiltration events.
• Security Program Integration and Metrics Development: Ability to integrate DLP, DSPM, IAM, encryption, and cloud security controls into a cohesive data protection architecture while establishing measurable security metrics, reporting frameworks, and executive dashboards to track program maturity and risk reduction.

Competencies & Attributes
• Strong understanding of Data Loss Prevention (DLP) concepts, including content inspection, pattern matching (PII, PCI, PHI), and policy-based data protection
• Experience with AI/ML-driven data risk detection, leveraging behavioural analytics and contextual analysis to identify anomalous data activity
• Proficiency in data discovery and classification across data at rest, in motion, and in use within cloud, on-premises, and hybrid environments
• Knowledge of Data Security Posture Management (DSPM) capabilities, including continuous data inventory, risk assessment, and exposure prioritization
• Ability to assess and remediate data security risks such as misconfigurations, over-permissioning, and unintended data exposure paths
• Experience defining and enforcing data security policies aligned with organizational risk tolerance and regulatory requirements
• Familiarity with encryption, tokenization, and data masking techniques to protect sensitive information in production and non-production environments
• Strong understanding of identity and access governance, including least-privilege access models and integration with IAM and PAM solutions
• Knowledge of security monitoring and analytics platforms (SIEM, UEBA) for detecting, investigating, and responding to data-related security incidents
• Experience with real-time alerting and automated response workflows to accelerate incident containment and remediation
• Understanding of regulatory and compliance frameworks (e.g., GDPR, HIPAA, PCI DSS, SOC 2) and mapping data security controls to audit and reporting requirements
• Ability to integrate DLP, DSPM, IAM, and monitoring tools into a cohesive, enterprise-wide data security architecture
• Experience with enterprise implementation of Microsoft Purview Data Loss Prevention

Benefits/Compensation

The compensation range for this role is specific to Washington, DC, and takes into account a wide range of factors including but not limited to the skill sets required/preferred; prior experience and training; licenses and/or certifications.

The anticipated base salary range for this role is $170,000 to $190,000.

In addition to the base salary, the hired professional will enjoy a comprehensive benefits package spanning retirement benefits, health insurance, life insurance and disability, paid time off, paid holidays, family planning benefits and various wellness programs. Additionally, the hired professional may also be eligible to participate in an annual discretionary incentive program, the award of which will be dependent on various factors, including, without limitation, individual and organizational performance.

Due to the high volume of candidates, please be advised that only candidates selected to interview will be contacted by Carlyle.

About Carlyle Group

The Carlyle Group is a global investment firm that specializes in private equity, credit, and real estate investments. The firm was founded in 1987 and is headquartered in Washington, D.C. Carlyle manages more than $230 billion in assets across 389 investment vehicles as of December 31, 2020. The firm's private equity investments span a wide range of industries, including aerospace and defense, consumer and retail, energy and power, healthcare, and technology, media and telecommunications. Carlyle has offices in 22 countries and employs more than 1,800 people worldwide.
Learn more about Carlyle Group
Size
1,850 employees
Market Cap
$10.6 billion
Industry
Net Income
$348.2 million
Founded
1987
5 Year Trend
+31%
Revenue
$2.9 billion
NASDAQ

Similar Jobs

More Jobs at Carlyle Group

More Information Technology Jobs

Find similar Associate Vice President, Data Security jobs: