Data Protection Engineer, Sr.

Old National Bank has been serving clients and communities since 1834. With over $70 billion in total assets, we are a regional powerhouse deeply rooted in the communities we serve. As a trusted partner, we thrive on helping our clients achieve their goals and dreams, and we are committed to social responsibility and investing in our communities through volunteering and charitable giving.

We continually seek highly motivated and talented individuals as our people are critical to our success. In return, we offer competitive compensation with our salary and incentive program, in addition to medical, dental, and vision insurance.  401K, continuing education opportunities and an employee assistance program are also included in our benefit suite. Old National also offers a variety of Impact Network Groups led by team members who are passionate about driving engagement, creating awareness of diverse backgrounds and experiences, and building inclusion across the organization.  We offer a unique opportunity to join a growing, community and client-focused company that is firmly rooted in its core values.

Job Summary

The Sr. Data Protection Engineer is responsible for leading the organization's efforts to identify, assess, and evaluate potential vulnerabilities and threats to the organization's Classified data. This includes conducting regular data risk assessments, recommending controls and countermeasures to mitigate identified risks, and monitoring the effectiveness of the implemented security measures.

Salary Range

The annual salary range for this position is $60,000.00 - $121,300.00. Final compensation will be determined by location, skills, experience, qualifications and the career level at which the position is filled.

Key Accountabilities

• Develop and Implement data protection strategies and initiatives, including classification and handling, data access controls, inventory, encryption, and retention.
• Work closely with other stakeholders to enforce data protection related policy and respond to regulatory requirements.
• Develop and maintain data security policies, procedures, standards, and ensure that they are followed by the entire organization
• Work with cross-functional teams to create and maintain data inventories and data flows, and manage data sharing controls
• Drive the design and implementation of data access controls, ensuring only authorized access to Classified data
• CO-develop and implement data retention policy and procedures, ensure compliance with internal policy and external regulations
• Enforce data encryption standards and strategies to secure data at rest and in transit
• Lead incident response efforts related to data breach and work with stakeholders to mitigate impact
• Lead and conduct regular data risk assessments to identify potential vulnerabilities and threats to the organization's data and information systems
• Stay abreast of new developments in the field of cybersecurity and ensure that the organization's risk assessment and data security processes are aligned with industry standards and best practices
• Represent the organization in external meetings and interactions with clients, stakeholders, and other industry experts as needed

Key Competencies for Position

• Proven experience with data discovery, classification, handling, access, inventory, and retention
• Proven experience with data protection technologies, such as encryption, tokenization and data loss prevention tools.
• Experience with designing and implementing data security solutions for enterprise environments
• Strong understanding of data protection regulations and standards.
• Experience in developing and implementing data protection strategies and frameworks.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work cross-functionally and collaborate with various teams.

Qualifications and Education Requirements

• Bachelor’s degree in information security, Risk Management, or a related field.
• Minimum of 5 years of experience in data protection, information security, or risk management.
• Familiarity with data governance frameworks (e.g., DCAM, NIST Privacy Framework, FFIEC).