Senior Data Security Engineer

Aon is looking for a Senior Data Security Engineer - as part of an industry-leading team, you will help empower results for our clients by delivering innovative and effective solutions as part of our Data Security Engineering team within Aon.

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.

As an organization, we are united through trust as one inclusive team, and we are passionate about helping our colleagues and clients succeed.

• Design, build, maintain and support a set of Data Security platforms and solutions
• Build and tune custom use cases, policies, rules, alerts, metrics, dashboards and reporting for each of the Data Security solutions based on cybersecurity and business needs
• Drive strategy, define and maintain the road map for the adoption, expansion and integration of the Data Security solutions
• Understand the product capabilities at a detailed level to support identification of opportunities for adoption, expansion and integration
• Socialise and gain management support for proposals across multiple security, technology and business domains
• Conduct detailed level analysis of the solution capabilities to identify potential areas for both process and/or system integration
• Facilitate the evaluation of Data Security products, standards and services, as well as design standard and custom solution configurations
• Engage with Aon's broader regulatory, privacy, security, platform and architecture teams to identify and drive opportunities to use the Data Security capabilities to enhance Aon's overall security ecosystem
• Develop and maintain processes/procedures around Data Security based on environmental changes
• Coordinate various tasks with other teams related to department's initiatives/projects (e.g. IT Infrastructure, Networking, Database and Architecture)
• Provide a guidance to teams outside of security on security standard methodologies and Aon Security requirements
• Engage, coordinate and manage vendor relationships for Data Security solutions
• Research and evaluate new solutions and capabilities in the Data Security landscape

• Proven technical experience and expertise with security infrastructure architecture design, implementation, management and support for security solutions
• Hands-on experience designing, implementing and supporting at least one of the following Security technologies: Data Security Posture Management (DSPM), Data Discovery, Data Loss Prevention (DLP), Data Classification and Labeling, Data Encryption, Data Masking, Data Tokenization and Key Management, Certificate Management and PKI
• Hands-on experience with one or more of the following technologies or solutions: Windows Server, Linux, IIS, Apache, Active Directory (AD), Entra, LDAP, Azure, AWS, GCP
• Hands-on experience with DevOps or DevSecOps processes and tooling: GitLab, GitHub, Kanban, Agile, Scripting and Automation
• Must have recent experience in leading technical implementations
• Excellent problem solving and analytical skills with a solid attention to detail
• Flexible self-starter with strong initiative, with ability to work independently and as part of a team

• Minimum 5+years of experience in data governance, data architecture and systems integration is preferred.
• Minimum 5+years of experience in development of solution roadmaps, solution architecture and solution design is preferred.
• Experience in documentation and presenting Cyber Security designs and roadmaps for Information Security, Information Technology and business consumption
• Hands-on experience managing any of the following Data Loss Prevention (DLP) technologies or solutions: Microsoft Purview DLP, Symantec DLP, Forcepoint DLP, Proofpoint DLP, Digital Guardian
• Hands-on experience managing any of the following Data Classification and Labeling technologies or solutions: Microsoft Purview Information Protection (MIP), Microsoft Azure Information Protection (AIP), Titus Classification Suite, Bolden James
• Hands-on experience managing any of the following Data Security Posture Management (DSPM) technologies or solutions: WIZ.IO, Varonis Data Security Platform, BIG ID, Forcepoint DSPM, Zscaler DSPM, Crowdstrike DSPM
• Hands-on experience managing any of the following Encryption at rest and Key management technologies or solutions: Thales CipherTrust, Thales Vormetic, FIPS 140-2 / Hardware Security Modules (HSM), Key Management Interoperability Protocol (KMIP), Key Management, Key Rotation, Data Minimization, Data Redaction, Data Masking, Application Encryption, Database Encryption, File and Storage Encryption, Symetric Encryption
• Hands-on experience managing any of the following Certificate management and Encryption in Motion technologies or solutions: Venafi Trust Protection Platform, Public Key Infrastructure (PKI), Microsoft ADCS, Digicert CertCentral, Certificate Management, Asymetric Encryption
• Hands-on experience managing any of the following Cloud Hosting solutions or platforms: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), VMware Cloud, Microsoft Office 365
• Hands-on experience managing any of the following Virtualization, containerization or Orchestration solutions: VMware, Microsoft Hyper-V, Docker, Kubernetes, Puppet, Ansible, Salt, AWS CloudFormation
• Experience in any of the following technology platforms and solutions: Windows Workstation and Server, Linux, Web Services (IIS, Apache, NGIX), Active Directory (AD), LDAP, DNS, Email (Sendmail, MS Exchange), Networking (TCP/IP, Routing, Switching), Database management, DevOps processes and technologies
• Experience with service management processes (Change Management, Problem Management, Release Management) and a working knowledge of IT Infrastructure Library (ITIL) service management processes
• Scripting Skills (e.g. Python, PowerShell, Regular expressions)
• Proficient in operating in a highly matrixed multinational organisation
• Security certification(s) such as CISSP, CISM, GISP, Security+ or equivalent strongly preferred

Education: Bachelor's degree in Information Technology, Systems Engineering, or equivalent years of industry experience.

In addition to our comprehensive benefits package, we encourage an inclusive workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two "Global Wellbeing Days" each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognize that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working!

Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued.

Aon values an innovative and inclusive workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.

Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status. People with criminal histories are encouraged to apply.

We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com

For positions in San Francisco and Los Angeles, we will consider for employment qualified applicants with arrest and conviction record in accordance with local Fair Chance ordinances.

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.

The salary range for this position (intended for U.S. applicants) is $90000 to $120,000 annually. The actual salary will vary based on applicant's education, experience, skills, and abilities, as well as internal equity and alignment with market data. The salary may also be adjusted based on applicant's geographic location.

This position is eligible to participate in one of Aon's annual incentive plans to receive an annual discretionary bonus in addition to base salary. The amount of any bonus varies and is subject to the terms and conditions of the applicable incentive plan.

Aon offers a comprehensive package of benefits for full-time and regular part-time colleagues, including, but not limited to: a 401(k) savings plan with employer contributions; an employee stock purchase plan; consideration for long-term incentive awards at Aon's discretion; medical, dental and vision insurance, various types of leaves of absence, paid time off, including 12 paid holidays throughout the calendar year, 15 days of paid vacation per year, paid sick leave as provided under state and local paid sick leave laws, short-term disability and optional long-term disability, health savings account, health care and dependent care reimbursement accounts, employee and dependent life insurance and supplemental life and AD&D insurance; optional personal insurance policies, adoption assistance, tuition assistance, commuter benefits, and an employee assistance program that includes free counseling sessions. Eligibility for benefits is governed by the applicable plan documents and policies.

#LI-NS1

#LI-REMOTE