Data Security Lead

S&P Global Corporate

About the Role: Data Security Lead

The Team: The IP Security team safeguards S&P Global’s proprietary assets—source code, models, datasets, design artifacts, architecture, and know‑how across applications and infrastructure. We set the standards, controls, and guardrails that prevent leakage, misuse, or unauthorized commercialization of intellectual property, and we enable product teams to innovate quickly while staying compliant with enterprise policy and regulatory obligations.

Responsibilities and Impact: The Data Security Engineering Lead – Intellectual Property (IP) is accountable for designing, implementing, and operating S&P Global’s enterprise capabilities for protecting intellectual property. This role converts the IP security architecture into scalable, resilient engineering solutions that provide deep visibility into where critical data and IP artifacts reside, what type of data they represent, how they are accessed, and how they are utilized across applications and AI systems.

The Engineering Lead oversees the day‑to‑day technical execution of IP discovery, classification, access monitoring, and protection controls. The role includes leading a team of engineers and partnering closely with architecture, cloud, data, and AI platform teams to ensure comprehensive and consistent safeguarding of the company’s intellectual property.

What We’re Looking For:

Engineering & Platform Implementation

• Lead the design, deployment, and operation of data security platforms supporting discovery, classification, and monitoring
• Implement enterprise-scale DSPM capabilities across cloud, on-prem, SaaS, and third-party environments
• Ensure platforms are reliable, scalable, and integrated with the broader security ecosystem

Data Discovery & Classification Execution

• Build and operate pipelines to identify where data resides across structured and unstructured sources
• Implement automated data classification and tagging aligned with enterprise standards
• Ensure continuous discovery and reclassification as data changes

Data Sources & Access Monitoring

• Integrate data security tools with IAM, cloud services, and data platforms
• Monitor and surface who has access to data , including privileged, service, and AI identities
• Detect over-permissioned access, stale entitlements, and anomalous data usage

AI Data Consumption Controls

• Implement controls to monitor and govern data used by AI agents, ML models, and training pipelines
• Instrument visibility into data flows supporting AI prompts, training, inference, and outputs
• Partner with AI platform teams to enforce approved data usage patterns

Intellectual Property (IP) Protection Engineering

• Implement IP protection mechanisms , including data watermarking, tagging, fingerprinting, and metadata controls
• Integrate IP protections into data pipelines and AI workflows
• Support detection and response to potential IP leakage events

Operational Security & Incident Response

• Operate and tune detection mechanisms for data exposure and misuse
• Support security incident investigations by rapidly identifying impacted data and access paths
• Partner with SOC and IR teams to automate alerts and response workflows

Engineering Leadership

• Lead, mentor, and grow a team of data security engineers
• Establish engineering standards, coding practices, and operational runbooks
• Drive automation to reduce manual effort and improve consistency
• Cross-Functional Collaboration
• Partner with Data Security Architects, Cloud Security, IAM, Privacy, Legal, and AI teams
• Translate architectural requirements into deployable engineering solutions
• Provide technical input into roadmap planning and platform evaluations

Basic Required Qualifications:

• 10+ years of experience in security engineering, data security, or platform security
• Strong hands-on experience implementing data discovery, classification, and monitoring solutions
• Deep expertise in cloud platforms (AWS, Azure, GCP) and data services
• Experience integrating security platforms with IAM, logging, SIEM, and SOAR
• Practical experience supporting AI/ML platforms and data pipelines
• Familiarity with IP protection techniques , including watermarking or tagging
• Strong scripting or programming skills (Python, Go, or similar)
• Experience operating production security platforms at scale

Preferred Qualifications

• Experience with DSPM platforms (e.g., Cyera, Wiz DSPM, BigID)
• Background in regulated industries (financial services, data providers)
• Knowledge of DLP, CASB, encryption, and key management
• Security or cloud certifications (CISSP, CCSP, cloud provider certs)