Constellation Brands New Zealand & Australia · 1 month ago
Data Security Architect
Canandaigua, New York
Full-time
Onsite
Senior Level, Lead/Staff
$114K/yr - $208K/yr
8+ years expConstellation Brands is a leading producer and marketer of beer, wine, and spirits. The Data Security Architect is responsible for building a data protection program and shaping the strategy for securing sensitive data while promoting compliance across the organization. This role requires collaboration with IT and business units to ensure effective data governance and protection practices are implemented.
Wine And SpiritsWinery
Responsibilities
Actively monitor and assess control effectiveness, identify weaknesses, and suggest improvements to enhance our security posture and ensure regulatory compliance standards across the IT/OT environments
Familiarity with implementing, administering and reporting out of known data protection tools, such as the Microsoft E5 stack, endpoint, network, data security posture management (DSPM), data catalog or other complimentary suites
Experience with privacy-enhancing technologies, data encryption, access controls, security incident response, and data governance tools
Architect data protection strategies for on-prem, hybrid, and multi-cloud environments (Azure, AWS, GCP), including encryption, tokenization, and key management
Implement secure integration patterns for data movement between on-premise systems, cloud platforms, and external partners
Manage storage, access, and processing of confidential data including personal employee information by leveraging data protection frameworks
Monitor external privacy threats and trends, advising stakeholders on appropriate responses and adjustments to the privacy program
Manage the organization’s data protection program
Monitor compliance with information security policies and regulations and prepare regular reports for senior management and applicable regulatory bodies
Regularly meet with CISO and other key stakeholders to provide data risk assessments and mitigating steps to ensure data protection compliance
Partner with the Legal and Privacy teams, interpreting and implementing requirements of privacy related regulations (GDPR, CCPA/CPRA, New Zealand Privacy Act, Australia Privacy Act, etc.) that outline data protection requirements
Develop and communicate changes in data protection policy, ensuring all relevant employees are aware of and trained on new data practices
In-depth understanding of changing organizational, regulatory, and legal requirements around data protection and regularly updating and communicating organization policies to reflect these changes
Collaborate with business units to facilitate privacy risk assessments, ensuring risks are identified, documented, and mitigated appropriately
Define and oversee legal and regulatory assessments, including reporting and remediation of non-compliance findings
Liaise with enterprise architecture and IT teams to embed privacy-by-design principles into systems and processes, ensuring privacy requirements are built into technical architectures
Manage data privacy incidents and breaches, ensuring timely containment, investigation, and reporting to protect data and organizational reputation
Develop and maintain technology governance frameworks within both IT and OT environments and ensuring alignment with organizational goals
Qualification
Required
Bachelor's degree in cybersecurity, information systems, or a related field, or equivalent combination of education and experience
8+ of experience in data privacy, data protection, compliance, or risk management
Experience administering and optimizing data management tools such as Microsoft E5 stack, Netspoke, Cyera, Atlan, OneTrust or equivalent technologies
Strong understanding of global and regional data protection laws and regulations, such as GDPR, CCPA, HIPAA, and other relevant privacy frameworks
Strong understanding of technical and operational risks associated with data privacy, management and protection
Familiarity with privacy management frameworks (e.g., NIST Privacy Framework, ISO/IEC 27701) and experience developing and implementing privacy policies
Experience or advanced knowledge of privacy regulations and standards (e.g., GDPR, CCPA, ISO 27701) and IT/OT security frameworks/standards (e.g., CIS, NIST CSF, NIST 800-53, PCI DSS, SOX, IEC 62443)
Excellent written and verbal communication skills, with the ability to explain complex privacy concepts to both technical and non-technical audiences
Strong critical thinking and problem-solving skills, with a keen attention to detail and the ability to manage multiple priorities under tight deadlines
Ability to travel domestically and internationally
Occasional lifting up to 40lbs
Sitting, working at desk/personal computer for extended periods of time
Primary work environment is professional corporate office
Preferred
Professional privacy or compliance certifications such as Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), or Certified Information Systems Auditor (CISA) are preferred
Though not required, the ability to speak fluent Spanish is a benefit
Benefits
Paid time off
Medical/dental/vision insurance
401(k)
Company
Constellation Brands New Zealand & Australia
Constellation Brands New Zealand & Australia (CBNZA) is a grower, producer and distributor of globally recognised wine brands including New Zealand’s own Kim Crawford, Selaks and Tipping Point.
201-500 employees
H1B Sponsorship
Constellation Brands New Zealand & Australia has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (5)
2024 (6)
2023 (6)
2022 (7)
2021 (9)
2020 (14)
Funding
Current Stage
Growth StageCompany data provided by crunchbase