IT Analyst, Data Protection & Privacy Engineering

About the job

Here, we believe there’s not one path to success, we believe in careers that grow with you. Whoever you are or wherever you come from in the world, there’s a place for you at Sherwin Williams. We provide you with the opportunity to explore your curiosity and drive us forward. We’ll give you the space to share your strengths and we want you to show us what you can do. You can innovate, grow and discover in a place where you can thrive and Let Your Colors Show! Sherwin-Williams values the unique talents and abilities from all backgrounds and characteristics. All qualified individuals are encouraged to apply, including individuals with disabilities and Protected Veterans.

The IT Analyst, Data Protection & Privacy Engineering position is responsible for assisting in the creation and maintenance of enterprise-wide privacy, data protectionsecurity engineering, and design requirements. This position will work closely with application developers, system and network engineers, application and database administrators, project managers, and business owners to ensure data protection and information security measures are established for new and existing data processing environments. This person will provide subject matter expertise to the IT, privacy, and information security organization. This position will assist to identify deficiencies and contribute to the development of project plan(s) to remediate the deficiency and meet the data protection requirements set forth by applicable data privacy and security laws and regulations.

Essential Functions

Strategy and Planning

  • Maintain current knowledge of applicable state, federal and international privacy and data protection laws and regulations
  • Support a privacy and security architecture strategy aligned with business strategies and risk tolerance
  • Create and maintain security and privacy services strategic roadmap, data protection technology roadmap and current and target state architecture and engineering requirements
  • Assist to identify gaps and contribute to the development of project plan(s) to close the gaps and meet the data protection requirements set forth by applicable data privacy and security laws and regulations

Acquisition and Deployment

  • In collaboration with technical experts, analyze new systems, existing systems, and proposed changes to existing systems to verify that the system design and implementations (a) support the privacy and data protection safeguards and (b) implement necessary and appropriate data protection (information security) safeguards.
  • Perform research on industry best practices and emerging trends in security and privacy practices, services, and organizational structure
  • Develop and review security and privacy policies, standards, and control requirements to achieve target maturity levels with the company adopted frameworks
  • Create and update engineering requirements as required to address current and emerging security/privacy threats and regulatory requirements

Operational Management

  • Obtain and maintain a thorough understanding of our business processes, applications, standard programs, and reports as they related to privacy and data security.
  • Analyze complex business processes or issues and quickly understand the business issues and related privacy and data challenges.
  • Identify process improvement opportunities; define improvement requirements; conduct detailed analysis; act as a liaison between the business and development resources, and support the communication/training efforts related to process changes.
  • Communicate effectively with data owners to identify needs and evaluate business solutions.
  • Work frequently with key business personnel across all divisions, domestically and globally.
  • Exhibit personal ownership and accountability for continuous improvement.
  • Deliver informative, well-organized presentations. Understand how to communicate difficult/sensitive information tactfully.
  • Push creative thinking beyond the boundaries of existing company practices and mindsets.
  • Generate enthusiasm among team members. Challenge others to develop as leaders while serving as role models.
  • Facilitate effective team interaction. Acknowledges and appreciates each team member’s contributions.
  • Seek and participate in development opportunities beyond the training required by us.

Incidental Functions

  • Assist with other projects that contribute to the overall efficiency and effectiveness of the Data Protection & Privacy Engineering and Global Privacy Compliance teams.
  • Research or prototype new technologies and tools.
  • Complete special projects as requested
  • Up to 10% travel as required (domestic and international)
  • Work outside the standard office 7.5 hour workday may be required.

Position Requirements

Formal Education & Certification

  • Bachelor’s degree within an IT and/or Business field or equivalent experience.
  • Recognized risk or information system certifications (e.g., CRISC, CISA, CISSP) is a plus

Knowledge & Experience

  • 2+ years IT and/or Business experience.
  • Experience with designing, implementing, or monitoring IT controls at the application or infrastructure layers
  • Understanding of multiple technology domains including software development, database and operating system management as well as networking is preferred
  • Working knowledge of security control frameworks such as NIST Cyber Security Framework, NIST Privacy Framework, NIST 800-171, NIST 800-53, CIS Critical Security Controls, ISO 27001/2, COBIT is a plus
  • Demonstrated skill with presentation and communication tools such as MS PowerPoint, Visio, or other related tools.
  • Well versed in Microsoft Office applications.

Personal Attributes

  • Strong written and oral communication skills.
  • Ability and initiative to quickly learn and research new concepts, ideas, and technologies.
  • Strong systems/process orientation with demonstrated analytical thinking, organizational skills and problem-solving skills.
  • Ability to work in a team-oriented, collaborative environment.
  • Ability to facilitate meetings and follow up with resulting action items.
  • Ability to prioritize and execute tasks in a high-pressure environment.
  • Strong presentation and interpersonal skills.
  • Ability to work effectively in a multi-cultural environment, and to lead and influence cross-organizationally with and without direct authority
  • Ability to effectively move forward on tasks even with ambiguous or changing requirements.
  • Strong commitment to inclusion and diversity

Must be legally authorized to work in country of employment without sponsorship for employment visa status now or in the future.

Sherwin-Williams is proud to be an Equal Employment Opportunity/Affirmative Action employer committed to an inclusive and diverse workplace. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.

As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.

Primary Location

United States-Ohio-CLEVELAND

Work Locations

USA OH Cleveland Prospect Ave Headquarters

Travel

Yes, 10 % of the Time

Job Posting

Feb 14, 2022

Schedule

Full-time

Respond By

Apr 1, 2022

More Information

Apply for this job

Leave your thoughts

Share this job