Senior Director, Global Data Protection & AI Security
Regeneron
12 hours ago
On-site
Sleepy Hollow, NY
IT
A Typical Day In This Role Looks Like
- Determine organizational structures and allocate responsibilities across the Global Data Protection function (DS Consulting, Auto-Classification, Application & API Data Protection, Trusted Share/Data Mover, DLP Monitoring).
- Develop and execute a multi-year data protection strategy, including phased roadmaps for DSPM coverage expansion, DLP maturity, and insider risk program buildout.
- Advise the Enterprise Data & AI governance council on data protection, privacy security, and AI data risk.
- Set function objectives and monitor performance and schedules across sub-functions.
- Own the enterprise Data Security Posture Management (DSPM) strategy, including discovery, classification, and risk assessment of 112+ PB data estate across on-prem, AWS/Snowflake/Databricks/Unity Catalog, and SaaS.
- Expand Varonis coverage from M365/O365 to Isilon NAS, cloud/IaaS, and additional SaaS platforms.
- Provide end-to-end data protection control strategy for data in motion, at rest, and in use (endpoint, cloud, email, network).
- Oversee DLP policy development/deployment/tuning using Microsoft Purview, Zscaler, Varonis, and CASB/SASE capabilities.
- Own enterprise Insider Risk program strategy with an integrated operating model across HR, Legal, Corporate Security, and Security Operations.
- Develop and mature detection/behavioral analytics for data misuse using Splunk UBA and DLP telemetry.
- Establish case management, investigation, and escalation protocols for insider risk incidents.
- Partner with senior leadership to align priorities with business strategies.
- Maintain audit-ready documentation, operational metrics, and reporting for CISO/Audit Committee/regulators.
- Benchmark maturity and incorporate relevant threat intelligence via external partners.
This Role Might Be For You If
- Hands-on experience auditing AI/ML systems; data protection-by-design for AI/agentic AI (training data governance, input/output monitoring, residency enforcement, access controls).
- Life sciences/pharma experience with GxP data integrity, clinical trial data protection, or manufacturing IP security.
- Familiarity with Databricks Unity Catalog, Snowflake, and/or AWS data lake security for DSPM/access governance.
- AI data security experience (LLM governance, output handling, AI insider risk).
- Data catalog/metadata governance platforms (Collibra, Privacera).
- Certifications: CISSP, CIPP/E, CIPP/US, CDPSE, CIPM, CISM (or equivalent).
This Role Requires
- Bachelorβs degree in IT/CS/Cybersecurity/Information Management (advanced degree preferred).
- 15+ years in information security/data protection with depth in DSPM, DLP, insider risk.
- 5+ years leading a recognized security/data protection function (people management).
- 3+ years hands-on enterprise DSPM or DLP in multi-cloud.
- Cross-functional program leadership involving HR, Legal, Privacy, and Security.
On-site: 4 days/week (Sleepy Hollow, NY or Warren, NJ); relocation benefits if eligible; not fully remote.
Benefits/Pay/Apply
- U.S. benefits may include health and wellness, fitness centers, 401(k) match, equity awards, annual bonuses, paid time off, and paid leaves (location-dependent).
- Salary Range (annually): $242,000.00 - $403,300.00.
- Apply now.
- Determine organizational structures and allocate responsibilities across the Global Data Protection function (DS Consulting, Auto-Classification, Application & API Data Protection, Trusted Share/Data Mover, DLP Monitoring).
- Develop and execute a multi-year data protection strategy, including phased roadmaps for DSPM coverage expansion, DLP maturity, and insider risk program buildout.
- Advise the Enterprise Data & AI governance council on data protection, privacy security, and AI data risk.
- Set function objectives and monitor performance and schedules across sub-functions.
- Own the enterprise Data Security Posture Management (DSPM) strategy, including discovery, classification, and risk assessment of 112+ PB data estate across on-prem, AWS/Snowflake/Databricks/Unity Catalog, and SaaS.
- Expand Varonis coverage from M365/O365 to Isilon NAS, cloud/IaaS, and additional SaaS platforms.
- Provide end-to-end data protection control strategy for data in motion, at rest, and in use (endpoint, cloud, email, network).
- Oversee DLP policy development/deployment/tuning using Microsoft Purview, Zscaler, Varonis, and CASB/SASE capabilities.
- Own enterprise Insider Risk program strategy with an integrated operating model across HR, Legal, Corporate Security, and Security Operations.
- Develop and mature detection/behavioral analytics for data misuse using Splunk UBA and DLP telemetry.
- Establish case management, investigation, and escalation protocols for insider risk incidents.
- Partner with senior leadership to align priorities with business strategies.
- Maintain audit-ready documentation, operational metrics, and reporting for CISO/Audit Committee/regulators.
- Benchmark maturity and incorporate relevant threat intelligence via external partners.
This Role Might Be For You If
- Hands-on experience auditing AI/ML systems; data protection-by-design for AI/agentic AI (training data governance, input/output monitoring, residency enforcement, access controls).
- Life sciences/pharma experience with GxP data integrity, clinical trial data protection, or manufacturing IP security.
- Familiarity with Databricks Unity Catalog, Snowflake, and/or AWS data lake security for DSPM/access governance.
- AI data security experience (LLM governance, output handling, AI insider risk).
- Data catalog/metadata governance platforms (Collibra, Privacera).
- Certifications: CISSP, CIPP/E, CIPP/US, CDPSE, CIPM, CISM (or equivalent).
This Role Requires
- Bachelorβs degree in IT/CS/Cybersecurity/Information Management (advanced degree preferred).
- 15+ years in information security/data protection with depth in DSPM, DLP, insider risk.
- 5+ years leading a recognized security/data protection function (people management).
- 3+ years hands-on enterprise DSPM or DLP in multi-cloud.
- Cross-functional program leadership involving HR, Legal, Privacy, and Security.
On-site: 4 days/week (Sleepy Hollow, NY or Warren, NJ); relocation benefits if eligible; not fully remote.
Benefits/Pay/Apply
- U.S. benefits may include health and wellness, fitness centers, 401(k) match, equity awards, annual bonuses, paid time off, and paid leaves (location-dependent).
- Salary Range (annually): $242,000.00 - $403,300.00.
- Apply now.