Data Security Architect

Data Security Architect Responsibilities

• Design and implement enterprise-wide mechanisms to discover where data resides across on-premises, cloud, SaaS, data lakes, and third‑party environments.
• Establish and maintain an authoritative data inventory covering structured and unstructured data.
• Define and enforce standards to identify and classify data types, including confidential, regulated, proprietary, and intellectual property data.
• Ensure classification scales across diverse data sources and platforms.
• Identify and document data sources, data flows, and data lineage across systems.
• Assess risk associated with data movement, duplication, and exposure.
• Assess and govern how data is consumed by AI agents, ML models, and analytics platforms.
• Evaluate risks associated with training data, inference data, prompts, and outputs.
• Define controls to prevent unauthorized use of sensitive or IP data in AI workflows.
• Evaluate and implement IP protection mechanisms, including data watermarking, tagging, and fingerprinting.
• Ensure safeguards are in place to prevent data exfiltration, misuse, or IP leakage.
• Define data protection architecture aligned with least privilege, zero trust, and defense‑in‑depth principles.
• Partner with IAM, cloud security, and application teams to enforce access controls.
• Drive integration with DSPM, DLP, encryption, and monitoring solutions.
• Translate regulatory, legal, and contractual requirements into actionable data protection controls.
• Support audits, risk assessments, and incident response with defensible data intelligence.
• Establish metrics and reporting for data risk posture.
• Serve as a trusted advisor to engineering, data, legal, privacy, and AI teams.
• Lead architectural reviews and influence platform design decisions.
• Mentor junior architects and security engineers.

• 13–15 years of experience in data security, information protection, security architecture, or related roles.
• Deep expertise in data discovery, classification, and access governance.
• Strong understanding of cloud data platforms (AWS, Azure, GCP) and SaaS ecosystems.
• Hands‑on experience with DSPM, DLP, encryption, or data governance tools.
• Solid understanding of AI/ML data pipelines and AI risk management.
• Experience implementing IP protection techniques, including watermarking or tagging.
• Strong knowledge of regulatory frameworks (GDPR, SOX, privacy, IP protection).
• Ability to translate complex technical risks into business‑level insights.

• Experience working with DSPM platforms (e.g., Cyera, Wiz DSPM, BigID).
• Familiarity with secure AI adoption frameworks.
• Background in financial services or regulated industries.
• Architecture certifications (e.g., CISSP, CCSP, cloud security certs).

S&P Global states that the anticipated base salary range for this position is $143,000 – $205,000. Final base salary will be based on the individual’s geographical location as well as experience and qualifications for the role.

In addition to base compensation, this role is eligible for an annual incentive plan.

This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, please .

• Health & Wellness:
  Health care coverage designed for the mind and body.
• Flexible Downtime:
  Generous time off helps keep you energized.
• Continuous Learning:
  Access a wealth of resources to grow your career and learn new skills.
• Invest in Your Future:
  Secure your financial future through competitive pay, retirement planning, and financial wellness programs.
• Family Friendly Perks:
  Perks for partners and little ones, including retail discounts, referral incentives, and more.

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to:  and your request will be forwarded to the appropriate person.