CNA Financial Corporation

Data Security Director

CNA Financial Corporation$97K — $189K *
Chicago, IL 60629In-Person
Information Technology
8 - 10 years of experience
2 months ago
Job Overview by Ladders

Qualifications

  • Bachelor's Degree required; Master's preferred in Computer Science or related field.
  • 10+ years of IT Security experience with focus on cloud security.
  • 5+ years designing or implementing data security solutions as a security architect.
  • 5+ years in data security program development, including classification and governance.
  • 3+ years in data protection solutions within cloud environments (AWS, Azure, GCP).
  • 5+ years hands-on experience with Data Security vendors and solutions.

Responsibilities

  • Develop and manage the Secure Data Strategy for the organization.
  • Lead and develop a high-performing team of data security professionals.
  • Oversee the integration of data discovery and classification processes.
  • Direct implementation of rights management capabilities for data protection.
  • Implement technical solutions for securing structured and unstructured data in the cloud.
  • Analyze event data to derive security insights and enhance data usability.
  • Advise on security improvements balancing risk with operational efficiency.

Benefits

  • Flexible work environment with hybrid options.
  • Professional development opportunities.
  • Access to cutting-edge data security technologies.
  • Collaboration with legal teams on compliance and regulatory issues.
  • Exposure to dynamic challenges in data security across various industries.
Full Job Description
Leadership position responsible for spearheading the vision, design, and implementation of data security controls for CNA. This position leads the data security team, develops data security strategies, and conducts data security readiness assessments for the selection, development and implementation of enterprise data security standards. This position will focus on designing data encryption programs, developing policies and procedures, and strategy. Additional responsibilities include data classification, data privacy/risk assessments, and implementation of programs and data protection as a service. This position also has exposure to a range of Data Security technologies ranging from Data Loss Prevention (DLP), Cloud Access Security Brokers (CASB), DLP features, Encryption/Tokenization, Digital Rights Management, Data Protection, and Data Discovery across Structured, Unstructured and Cloud.

JOB DESCRIPTION:

Essential Duties & Responsibilities

Performs a combination of duties in accordance with departmental guidelines:
  • Develops, coordinates and is accountable for the Secure Data Strategy - Embedding security into the overall approach and vision for data in an organization.
  • Builds, leads and has full management responsibility for the performance and development of a team of experienced data security professionals.
  • Oversees Secure Data Integration - Incorporating data discovery, classification and remediation processes to align with business processes protecting data from various sources.
  • Directs implementation of technical capabilities such as rights management to enforce the movement or transmission of data.
  • Data Security in the Cloud - Implements technical capabilities to identify, classify and secure structured and unstructured data assets.
  • Secures Data Analytics - Collects and analyzes business and event data to drive security value and enables the utilization of data as a business asset.
  • Documents and advises on areas of security improvement that balances risk with business operations and do not diminish efficiencies or innovation.
  • In collaboration with Legal, identifies current and potential legal and regulatory issues affecting information security and assesses their impact on CNA's security and technology teams.

May perform additional duties as assigned.

Reporting Relationship

Typically AVP or above

Skills, Knowledge & Abilities
  • Expert level knowledge of data security concepts.
  • Proven ability to effectively lead, coach and develop a data security group.
  • Strong knowledge of the insurance industry, its products and services.
  • Strong knowledge of data security technical solutions (e.g. data loss prevention, classification inventorying tools, data discovery).
  • Expert knowledge of traditional and modern cloud data solutions.
  • Ability to assess risks in line with information security objectives and risk tolerance of the institution. Proven conceptual, analytical and evaluation skills.
  • Excellent interpersonal, verbal, presentation and written communication skills with the ability to effectively interact with internal and external business partners.
  • Ability to work well independently, under pressure and to meet tight deadlines.
  • Excellent project management skills with ability to organize, prioritize and plan effectively to meet project goals.
  • Expert knowledge of privacy/data standards and regulations local, domestic and global (State Level Data Protection, ISO, GAPP, NIST 800 53, HIPPA, HiTrust, Privacy by Design, GDPR, EU Data Protection Directives, CCPA, APEC Privacy Framework.


Education & Experience
  • Bachelor's Degree with Master's preferred in Computer Science, or related discipline, or equivalent.
  • Typically a minimum of 10 years of IT Security experience, preferably with recent cloud security experience.
  • Typically, a minimum of 5 years of security architecture experience designing or implementing data security solutions.
  • Typically, a minimum of 5 years of experience assessing or building programs in data security: data classification, data governance, data rights management, and data loss prevention.
  • Typically, a minimum of 3 years of experience in data protection solutions within cloud environments (e.g. AWS, Azure, GCP)
  • Typically a minimum of 5 years of hands-on experience with Data Security vendors, product capabilities, and solutions focus and not limited to Data Loss Prevention, Data Rights Management, Data Classification, and Data Privacy
  • Experience and background in security metrics creation and reporting specifically in the data space


#LI-KJ1 #LI-HYBRID

About CNA Financial Corporation

CNA Financial Corporation provides commercial property and casualty insurance products primarily in the United States. It offers professional liability coverages and risk management services to various professional firms, including architects, real estate agents, and accounting and law firms; directors and officers, employment practices, fiduciary, and fidelity coverages to small and mid-size firms, public and privately held firms, and not-for-profit organizations; and commercial property, general liability, cyber liability, umbrella, and excess liability, as well as various other property and casualty coverages for healthcare institutions, professional services firms, and other specialized industries. The company also provides warranty and service contracts for consumer goods, and extended service contracts for consumer automobiles and recreational vehicles; and accident and health, and group life insurance products. In addition, it offers management and professional liability insurance and risk management services, as well as other specialized property and casualty coverages to various healthcare organizations, including hospitals, physician groups, and nursing homes. The company markets its products through independent agents, brokers, and general underwriters to various customers, including small, medium, and large businesses; insurance companies; associations; and other industry groups. CNA Financial Corporation was founded in 1853 and is headquartered in Chicago, Illinois.
Learn more about CNA Financial Corporation
Size
5,600 employees
Market Cap
$11.2 billion
Industry
Finance & Insurance
Net Income
$690 million
Founded
1973
5 Year Trend
+4.7%
Revenue
$10.8 billion
NASDAQ
CNA
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at CNA Financial Corporation

More Information Technology Jobs

Find similar Data Security Director jobs:

NationwideChicago, IL