• Support the configuration, deployment, and tuning of Data Protection and Data Loss Prevention (DLP) solutions across cloud and on-prem environments. • Assist in the development and refinement of data protection strategies, ensuring alignment with Zero Trust Architecture principles. • Contribute to assessments and recommendations that help improve data loss prevention, data valuation, and data governance practices. • Work with Infrastructure & Operations teams to ensure data protection controls are implemented correctly and consistently. • Assist in developing classification and data valuation frameworks, including contributing to documentation and standards. • Support updates to policies, workflows, and SOPs that ensure the appropriate protection and handling of sensitive data. • Help develop documentation, diagrams, and guidance on data handling to support data protection and governance initiatives. • Participate in technical reviews and risk assessments, contributing findings and observations related to data protection. • Assist with evaluating data protection tools and technologies, including DLP rule sets, tagging/classification tools, and cloud native security features. • Support the implementation of data categorization and classification activities aligned with Zero Trust data requirements. • Help maintain data definitions, data health metrics, and data governance documentation to promote consistency across the organization. • Work with cross-functional teams to define and clarify data protection requirements and support data-related project activities.

• Lead the design, implementation, and optimization of enterprise Data Protection and Data Loss Prevention (DLP) solutions. • Develop and execute strategies to protect sensitive data across cloud and on-premises environments, consistent with Zero Trust architecture principles. • Recommend new features and improvements to enhance the customer’s posture on data protection, data loss prevention, and data valuation. • Collaborate with Infrastructure & Operations teams to integrate data protection capabilities within broader enterprise technology ecosystems. • Partner with the Office of the Chief Information Security Officer (OCISO) to establish frameworks, standards, and operational processes for data valuation and data classification. • Drive the creation of policies, workflows, and governance models that ensure data is adequately protected based on business value and regulatory requirements. • Serve as a subject-matter expert to federal clients on data management, data protection, and secure data handling best practices. • Provide technical leadership on enterprise data initiatives, including architecture reviews, risk assessments, and roadmap development. • Support continuous improvement by evaluating new tools, emerging technologies, and evolving compliance requirements within the data protection space. • Lead the development and implementation of enterprise data categorization and classification frameworks in support of the CDO’s Zero Trust Data Pillar, ensuring accurate identification and protection of high-value and sensitive data assets. • Design and mature data valuation models that account for data sensitivity, business criticality, lifecycle state, and usage context, enabling risk-informed decision-making and the prioritization of protection controls. • Recommend and drive enhancements to enterprise document labeling and handling processes, ensuring alignment with data classification policies, regulatory requirements, and DLP/Zero Trust enforcement mechanisms. • Translate complex data architectures, security concepts, and governance models into clear, actionable insights for mixed technical and non-technical audiences to drive adoption of enterprise data governance and protection practices. • Develop, document, and maintain data health metrics, standardized data definitions, and data governance SOPs, ensuring consistency, transparency, and operational rigor across data protection and management functions.

• Lead the initial screening of third-party vendors, proactively identifying potential privacy risks and determining the scope for more comprehensive compliance evaluations. • Conduct in-depth privacy assessments with key vendors, analyzing their data handling practices and critically evaluating their privacy risk posture. • Drive ongoing risk management efforts for third-party engagements, continuously monitoring and addressing evolving privacy concerns to maintain robust data protection standards. • Review and validate Privacy Impact Assessments (PIAs) submitted by business units, ensuring all data processing activities align with company policies and regulatory requirements. • Serve as a critical resource and advisor to internal teams and external partners, translating complex privacy regulations into actionable guidance and fostering best practices.

• Develop, update, and maintain cybersecurity policies, SOPs, and related documentation for IT systems. • Ensure all documentation aligns with NIST SP 800-53 security controls and RMF requirements. • Collaborate with system owners, ISSOs, stakeholders and IT system support teams to gather technical and procedural information required for test results and documentation. • Input and manage control test results and system security documentation within the Enterprise Mission Assurance Support Service (eMASS) system. • Support the preparation of Assessment and Authorization (A&A) packages within eMASS. • Track and report on documentation status, updates, and compliance metrics. • Assist in internal audits and inspections to ensure documentation meets regulatory and operational standards. • Provide training and guidance on policy and SOP development to technical teams