Director, Cyber Defense & Response - Data Security

Job Classification:

Technology - Information Security
** Your Team & Role
** The Director of Data Security is responsible for leading the daily operations of Prudential’s enterprise Data Security Program, focused on protecting data across on-premises, cloud, and endpoint environments.

This role oversees the governance of data security capabilities, including monitoring, detection, and response to potential data security events. The Director works closely with the Chief Technology Office, Chief Data Office, HR, Privacy, Compliance, Legal, and Enterprise Risk Management to ensure secure data handling, storage, and transmission practices are consistently applied across the organization.

The Director establishes operational processes, governance of control standards, and response procedures aligned with company standards to ensure data risks are identified, protected, detected, and addressed in a consistent and defensible manner. The role also provides leadership with insights into data risk exposure, control effectiveness, and emerging threats to support informed decision-making and strengthen the organization’s overall data security posture.
** Here is what you can expect on a typical day:
*** Build, mentor, and manage a team of data security specialists responsible for monitoring and investigating data security incidents.
* Develop and maintain data security policies, standards, and procedures aligned with company policies and standards.
* Partner with key stakeholders to support efforts around identification and classification of data assets.
* Ensure appropriate protection mechanisms such as encryption, access controls, and DLP are implemented.
* Support data security risk assessments and control gap analysis to identify exposures affecting sensitive data.
* Oversee monitoring and detection capabilities to identify potential data loss, misuse, or unauthorized access.
* Direct response activities for data security incidents, including investigation, containment, remediation, and reporting.
* Partner with IT, Risk, Compliance, and Privacy teams to ensure secure data handling, storage, and transmission practices.
* Support education and awareness initiatives to promote responsible data handling.
* Provide executive reporting on data risk posture, security metrics, and program maturity.
* Continuously evaluate emerging threats, regulatory changes, and industry practices to enhance the data security program.
* Drive continuous improvement of detection, investigation, and prevention capabilities in alignment with leading practices.
* Operate effectively in ambiguous and complex situations, independently assessing risk, making timely decisions, and applying a flexible, solutions-oriented approach to resolve insider risk challenges.
* Continuously develop professional expertise by completing relevant training and pursuing industry-recognized certifications to stay current with evolving insider risk, cybersecurity, and investigative practices.
** The Skills and Expertise You Bring:
*** Bachelor’s degree in Information Security, Computer Science, Cybersecurity, or a related field preferred.
* 8+ years of experience in cybersecurity with a strong focus on data security, data protection, and governance.
* Demonstrated experience leading enterprise or global data security programs and managing security teams.
* Strong understanding of data protection principles aligned with industry best practices and frameworks.
* Experience implementing and managing data security controls such as data classification, access control, encryption, data loss prevention (DLP), and monitoring of data usage.
* Hands-on experience with security technologies used to protect and monitor data, including SIEM, CASB, DSPM, and cloud security platforms.
* Familiarity with regulatory and privacy requirements impacting data protection (e.g., GDPR, HIPAA, CCPA) and their associated control expectations.
* Ability to conduct data risk assessments, control gap analysis, and remediation planning to strengthen protection of sensitive information assets.
* Strong leadership, communication, and stakeholder management skills, with the ability to collaborate across IT,…