Role Summary
Were looking for a technically strong IT Engineer to connect OneTrust Data Discovery to systems across our environment that store or process personal data Youll be handson gathering application and infrastructure data opening and validating network paths and working with technical SMEs to deploy and configure OneTrust worker nodes and connectors You dont need prior OneTrust experience you do need deep practical experience across enterprise infrastructure servers databases networking identity cloud and the ability to integrate scanning tools securely at scale
This role sits at the intersection of CyberSecurity IT Operations and Application Teams enabling automated discovery and classification of personal data to support compliance risk reduction and data governance initiatives
Key Responsibilities
- Asset Connectivity Inventory
- oCollect and maintain technical metadata hostnames IPs FQDNs environments OSDB versions portsprotocols authentication methods endpoints and data custodiansSMEs
- Integration Worker Node Deployment
- oMaintain OneTrust Data Discovery worker nodes and required connectorsadapters
- oEstablish secure connectivity to scan targets
- oValidate scanning coverage and troubleshoot connector credential and network issues end to end
- Credentials Access Management
- oCoordinate least privilege service accounts and manage secrets via enterprise vault eg CyberArk HashiCorp Vault Azure Key Vault
- oDefine and validate required rolespermissions for discovery and classification across systems DBs file systems cloud storage SaaS
- Network Enablement
- oRequest and validate firewall rules and security group changes document portsprotocols and network paths for discovery jobs
- oWork with network and platform teams to ensure connectivity adheres to segmentation zero trust and logging standards
- Technical SME Collaboration
- oPartner with application owners DBAs platform and cloud teams to schedule scans define maintenance windows and avoid performance impact
- oDocument configuration patternsplaybooks for repeatable onboarding of new systems
- Operational Excellence
- oImplement runbooks for connectors
- oDocument integration progress to project team
- Compliance
- oSupport audits by maintaining evidence change tickets approvals network diagrams access reviews
Required Qualifications
- Technical breadth across enterprise IT
- oOperating Systems Windows Server Linux RHELUbuntu
- oDatabasesStores SQL Server Oracle PostgreSQL MySQL MongoDB file shares SMBNFS SharePointOneDrive
- oNetworking TCPIP DNS routing NAT TLS proxies firewalls Palo AltoCheckpoint load balancers VPN
- oIdentity Access ADAzure ADEntra ID LDAP KerberosNTLM service principals role design
- Proven experience deployingscaling infrastructure agents or scanning tools eg vulnerability scanners DLP discoveryindexing backup agents EDR
- Experience with handson with credentialssecret management and least privilege access patterns
- Excellent documentation skills network diagrams runbooks onboarding playbooks and a collaborative approach with SMEs
- Ability to manage multiple integrations in parallel track dependencies and deliver to timelines
- Note Prior OneTrust experience is a plus but not required We will provide enablement for the specific OneTrust Data Discovery components
NicetoHave
Experience with OneTrust Data Discovery worker nodes connectors discovery jobs scheduling classification tuning
Familiarity with ServiceNow CMDB change management and automation workflows
Knowledge of data governanceprivacy concepts PIIPCIPHI data residency record of processing retention
Containerization familiarity DockerKubernetes for worker node packagingdeployment patterns
Key Deliverables
1 Asset Onboarding Work through prioritized list of target systems to connect data discovery to
2 Connectivity Documentation Document set ups for applications
3 Initial Coverage Work with ICRM to complete Catalog scans of applications
4 Playbooks Repeatable SOPs for new asset onboarding credential setup and change control
Skills
Mandatory Skills : One Trust Data Privacy, One Trust GRC
