| Company | The Hershey Company |
|---|---|
| Location | US, Remote or Hershey, PA |
| Preferred GIAC Certifications | GSTRT, GAIPS, GMLE |
| Travel | 5% |
| Salary | Not provided |
| URL | https://career4.successfactors.com/sfcareer/jobreqcareerpvt?jobId=128695&company=Hersheys&st=A496594568F44F1450140E5410E05D09EC926BA2 |
| Contact Name | Jeremiah |
| Contact Email | jhainly/at/hersheys.com |
| Expires | 2026-05-27 |
Job Description
Summary:
The Staff Security Engineer, Data Protection & AI Security, serves as the strategic technical leader responsible for advancing the enterprise data protection program. This role partners with Information Security, IT, Data Governance, and Legal stakeholders to define the long-term strategy for protecting sensitive data across the organization, including emerging risks associated with artificial intelligence.
The position is responsible for developing the data protection roadmap, translating governance priorities into technical initiatives, and leading the design and implementation of security controls that protect sensitive data across endpoints, cloud services, collaboration platforms, and AI systems. This role combines technical expertise, cross-functional leadership, and program execution to ensure the organization’s data protection capabilities evolve alongside new digital capabilities and regulatory expectations.
Major Responsibilities:
Lead the strategic evolution of the enterprise data protection program by identifying risks, defining long-term capabilities, and developing the technical roadmap required to protect sensitive information across the enterprise.
Lead the architecture and implementation of technical solutions that prevent unauthorized access, exposure, or misuse of sensitive information.
Collaborate with cross-functional stakeholders to ensure sensitive data is properly owned, classified, governed, and protected.
Develop service delivery and workstream processes
Required Skills:
Deep expertise in enterprise data protection concepts including data classification, DLP, insider risk, and secure data lifecycle management
Strong understanding of risks associated with artificial intelligence, generative AI platforms, and data exposure
Experience implementing enterprise data protection technologies such as data classification, data loss prevention, or data security posture management platforms
Ability to lead cross-functional initiatives involving Security, IT, Legal, and Data Governance teams
Strong technical architecture skills across enterprise infrastructure including cloud platforms, endpoints, and collaboration tools
Excellent communication skills with the ability to influence both technical and executive stakeholders
Minimum Education and Experience Requirements:
7+ years of experience in cybersecurity engineering or architecture
Demonstrated experience designing or leading enterprise data protection programs
Experience implementing data classification, data loss prevention, and cloud data security controls
Experience collaborating with data governance or data management teams
Familiarity with security risks and controls related to artificial intelligence and large language models
Experience in establishing and continuous tracking of KPI’s and metrics
Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field (Master’s preferred) - Certifications (GSTRT, GAIPS, GMLE)
