Role Overview:We are seeking an experienced Data Security Consultant to lead Data Security Posture Management (DSPM) assessments. This role involves identifying critical data risks, defining use cases, evaluating DSPM products, and developing comprehensive DSPM adoption strategies and roadmaps. The consultant will drive end-to-end data security transformation, covering discovery, classification, DLP, risk assessment, use case mapping, and solution selection aligned with regulatory and business requirements.
Key Responsibilities: - Perform enterprise-wide data security posture assessments across cloud, on-premise, and hybrid environments.
- Evaluate existing controls against DSPM maturity models and industry frameworks (NIST, GDPR, HIPAA).
- Identify gaps in data visibility, governance, and protection controls, conducting data discovery and classification analysis.
- Define high-value DSPM use cases, such as sensitive data exposure monitoring, data access governance, cloud data risk posture (S3, Azure Blob, Snowflake), and compliance monitoring (PII, PCI, PHI).
- Define functional and technical requirements for DSPM solutions, conducting OEM capability assessments (BigID, Cyera, Microsoft Purview, Symmetry Systems) and feature benchmarking.
- Create solution comparison matrices and recommendation reports, ensuring alignment with existing security stacks (SIEM, DLP, IAM, CASB).
- Develop phased DSPM adoption strategies, including pilot use cases, tool onboarding, and governance models.
- Build implementation roadmaps with milestones, KPIs, and success metrics.
Required Skills: - Expertise in Data Security, DSPM, DLP, or Information Protection.
- Understanding of data lifecycle security (at-rest, in-transit, in-use) and cloud platforms (AWS, Azure, GCP data services).
- Hands-on or consulting experience with DSPM tools (BigID, Cyera, Microsoft Purview, Symmetry Systems, Security.ai, Zscaler).
- Knowledge of data classification frameworks, data access governance, and data risk & exposure management.
- Familiarity with NIST Cybersecurity Framework and Data Protection standards.
- Strong regulatory & framework knowledge.
- Excellent stakeholder communication and documentation skills.
- Proficiency in consulting & analytical skills, including use case definition, business mapping, risk assessment, and prioritization.
- Cyber Security expertise.
Qualifications: - 10+ years of experience in Data Security, DSPM, DLP, or Information Protection.
