Principal Data Security Analyst - Data Classification & Governance

About the Role

Key Responsibilities

• Actively participate in data discovery initiatives to identify and inventory sensitive data (PII, SPI, financial, IP, AI training data) across key enterprise systems such as Google Workspace, Salesforce, Workday, NetSuite, and Snowflake.
• Assist in executing pilot programs for data classification on high-priority systems and contribute to refining classification processes.
• Assist data Stewards and system owners in implementing the data classification policy and data handling standards to support their operationalization.
• Collaborate with Business Technology and Security engineering teams to test and validate the implementation of technical controls like DLP rules and CASB configurations based on data classification.
• Help define and test controls related to sensitive data input into enabled AI tools.
• Become proficient in using selected data discovery, classification, and governance tools, including assisting with configuration, scans, and reviewing results.
• Contribute to developing and maintaining documentation for classification procedures and tool usage.
• Work closely with Data Stewards to understand data context, validate classification results, and ensure alignment with business needs.
• Partner with application owners to facilitate classification efforts and implement necessary data handling changes.
• Support Security GRC by providing data and insights for risk assessments and compliance reporting related to data classification.
• Assist in establishing and tracking key metrics for data classification coverage, accuracy, and control effectiveness.
• Contribute to developing dashboards and reports for program stakeholders and the Data Governance Council.

Requirements

• Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent practical experience.
• 10+ years of experience in data security, governance, IT risk management, or a similar analytical role focusing on data protection.
• Strong understanding of data classification principles, methodologies, data lifecycle management, and data handling best practices.
• Hands-on experience with data discovery and/or data classification tools and technologies.
• Solid understanding of data protection concepts and technologies such as DLP, data masking, tokenization, encryption, and IAM.
• Knowledge of key data privacy regulations like CCPA and GDPR and their impact on data handling.
• Excellent analytical, problem-solving, and critical-thinking skills with meticulous attention to detail.
• Proven ability to work effectively in cross-functional teams and manage multiple tasks.
• Strong written and verbal communication skills, capable of articulating technical concepts to varied audiences.

Nice to Have

• Experience with specific data governance or classification platforms such as Varonis, OneTrust, Google Cloud DLP, Snowflake Data Classification.
• Experience implementing or operating data security controls in SaaS environments like Salesforce, Workday, Google Workspace, M365, and cloud platforms such as AWS, Azure, GCP.
• Familiarity with security considerations for AI/ML systems and data inputs, including AI-native solutions for data labeling and classification.
• Hands-on experience with AI governance principles and frameworks, including controls for responsible AI use.
• Experience in developing and delivering training or awareness materials.
• Relevant industry certifications such as CISM, CISSP, CIPP, CDMP, or tool-specific certifications.

Benefits & Perks

• Annual base salary range between $170,000—$254,000 USD for San Francisco Bay Area candidates, and between $151,000—$227,000 USD for other locations in California (excluding SF Bay Area), Colorado, New York, and Washington.
• Equity (where applicable), bonus, and comprehensive benefits including health, dental, and vision insurance.
• 401(k), flexible spending account, paid leave including PTO and parental leave.
• Access to Okta's flexible and dynamic work environment, tools, and technology.
• Opportunities for social impact, talent development, and community fostering.