Cloud Data Security (DSPM)

Job Description:

STO-55

Qualified contractor to assist the Data Security and Cloud Security teams in enabling Data Security Posture Management (DSPM) capabilities within the existing Wiz cloud security platform. The contractor will play a crucial role in configuring, testing, and tuning Wiz's DSPM features, analyzing findings, and collaborating with cross-functional teams to remediate identified data security risks.

2. Objectives

The primary objectives of this engagement are to:

• Enable and configure Wiz's DSPM capabilities to identify and classify sensitive data across Cisco's cloud environments (AWS, GCP, Azure, etc.).

• Test and tune the DSPM platform to optimize its accuracy and effectiveness in detecting data security vulnerabilities.

• Analyze DSPM findings and generate comprehensive reports detailing data security risks and remediation recommendations.

• Collaborate with the Data Security, Cloud Security, and broader teams to implement remediation strategies and improve Cisco's overall data security posture.

3. Scope of Work

The contractor will perform the following tasks:

• DSPM Configuration:

o Configure Wiz's DSPM module to align with Cisco's data classification policies and security standards.

o Define and implement data discovery rules and patterns to identify sensitive data across cloud environments.

o Integrate Wiz DSPM with relevant data sources and cloud services.

• Testing and Tuning:

• Conduct thorough testing of the DSPM platform to validate its accuracy and completeness.
• Fine-tune data classification rules and detection algorithms based on test results.
• Address false positives and false negatives to optimize DSPM performance.

• Data Analysis and Reporting:

• Analyze DSPM findings to identify data security vulnerabilities, including exposed sensitive data, excessive permissions, and non-compliant data storage.
• Generate detailed reports outlining data security risks, prioritized remediation recommendations, and compliance status.
• Utilize data analytics and scripting (e.g., Python, SQL) to enhance reporting and analysis

• Remediation Support:

• Collaborate with Data Security and Cloud Security teams to develop and implement remediation plans.
• Provide technical guidance and support for remediation activities.
• Track and report on remediation progress.

• Documentation:

• Document all configuration settings, testing procedures, and analysis results.
• Create knowledge base articles and training materials for internal teams.

4. Required Skills and Experience

• Strong understanding of cloud security concepts and best practices (AWS, GCP, Azure).
• Demonstrated experience in data security and data governance.
• Experience configuring and implementing DSPM platforms (Wiz preferred, other vendors acceptable).
• Proficiency in data analysis and reporting.
• Scripting and automation skills (e.g., Python, Bash, SQL).
• Excellent communication and collaboration skills.
• Ability to work independently and as part of a team.
• Experience in testing and tuning security platforms.
• Experience in remediation of security findings.

6. Reporting Structure

• The contractor will report to the Lead Data Security Engineer.

7. Deliverables

• Configured and optimized Wiz DSPM platform.
• Test reports and tuning documentation.
• Data security risk assessment reports.
• Remediation plans and progress reports.
• Knowledge base (KB) articles and training materials.

Comments for Suppliers:

Wiz experience. Working in cloud environments (e.g.,. AWS). Data Security fundamentals.