Apply on Employer Site

Ally · 2 days ago

Principal – Cyber Security

Charlotte, NC

Full-time

Hybrid

Senior Level, Lead/Staff

$110K/yr - $180K/yr

5+ years exp

Ally Financial is a customer-centric, leading digital financial services company. The Principal of Cyber Security role involves developing and implementing a comprehensive approach to managing security risks, providing technical guidance, and leading initiatives related to data security and privacy within the organization.

AutomotiveFinanceFinancial Services

H1B Sponsor Likely

Responsibilities

Work with the Director Cyber Security Lead to ensure the security program addresses identified risks and business requirements

Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the Director Cyber Security Lead with a realistic overview of risks and threats in the enterprise environment

Oversee enterprise-wide data discovery and classification efforts, ensuring accurate identification and categorization of sensitive information across structured and unstructured data sources

Champion data obfuscation strategies, including masking, tokenization, de-identification, and redaction, to safeguard confidential data in production and non-production environments

Develop and maintain data privacy controls, aligning with regulatory requirements (PCI, SOX, GLBA, NYDFS, Sarbanes-Oxley, etc.) and internal policies

Collaborate with Risk Assessment and Data Governance teams to remediate risk findings and implement mitigation strategies

Ensure the organization’s data security posture meets audit and regulatory standards

Prepare and validate checklists and documentation for compliance reviews and regulatory exams

Stay current on evolving privacy laws and regulations, translating requirements into actionable security controls

Design and implement data security solutions for on-premises and cloud environments (AWS, Azure)

Manage deployment and sustainment of data security technologies (e.g., Delphix, IBM Optim, BigID, Informatica, GenRocket)

Guide the team in developing and maintaining automated tools for data profiling, masking, and reporting

Measure KPI & KRIs against defined objectives and proactively predict potential critical risks

Mentor and develop team members, fostering a culture of continuous improvement and innovation

Build strong relationships with business, IT, and compliance stakeholders to align security objectives with organizational goals

Communicate effectively with technical and non-technical partners, including senior leadership

Design and enhance support processes, perform data analysis, track workflow burndown to meet milestones, and deliver KPI/KRI reporting to improve the stability, resiliency, and performance of business-critical applications

Qualification

Data SecurityPrivacy InitiativesRegulatory ComplianceData DiscoveryData ClassificationData ObfuscationData Security TechnologiesScriptingAutomationCloud EnvironmentsRisk AssessmentKey Risk IndicatorsCertifications CISMCertifications CISSPCertifications etc.Team DevelopmentCommunication Skills

Required

5+ years in IT, data security, privacy, or related fields

Bachelor's degree in Computer Science, Cyber Security, a related field or equivalent experience

Proven experience in data discovery, classification, and obfuscation (masking, tokenization, de-identification)

Strong understanding of regulatory processes and compliance frameworks (PCI, SOX, GLBA, NYDFS, Sarbanes-Oxley)

Hands-on expertise with data security technologies (Delphix, IBM Optim, BigID, Informatica, MS Purview, etc)

Experience implementing and managing data privacy controls in large-scale banking or financial environments

Proficiency in scripting and automation (Python, VBA, JavaScript, SQL)

Previous experience working with Power BI including up to date knowledge on the latest Power BI features and functions. Proficiency in developing complex DAX calculations that are accurate and performant on large datasets

Working knowledge on Splunk and related reporting capabilities

Knowledge of big data concepts and cloud data warehouse (Hadoop/ Snowflake)

Knowledge of Data Security capabilities Encryption, Tokenization (Protegrity, Thales/Vormetric, etc.), De-identification (Hashing, Masking, Redaction etc.) (Delphix, Informatica, Privitar, etc.), and Key and Certificate Management (Entrust, Thales/Gemalto, Venafi, etc.)

Understanding of Amazon Web Services (AWS) and Azure and use of AWS security tools

Strong understanding of security controls and how they should be implemented across applications, systems, and internal/cloud platforms

Proficient with documenting security governance processes and procedures in team runbook

Experience developing Key Risk Indicators / Key Performance Indicators related to Information Security or IT Risk Management

Excellent verbal and written communication skills with both technical and non-technical partners (including senior leadership) with focus on informing, influencing, and relationship building

Ability to analyze security risks, evaluate new technologies and plan the roadmap

Preferred

One or more of these certifications strongly preferred: CISM, CISSP, CEH, CRISC, CompTIA Security+, AWS/Azure Security

Benefits

Time Away: Program starts at 20 paid time off days in addition to 11 paid holidays and 8 hours of volunteer time off yearly (time off days are prorated based on start date and program varies based on full or part-time status and management level).

Planning for the Future: plan for the near and long term with an industry-leading 401K retirement savings plan with matching and company contributions, student loan pay downs and 529 educational save up assistance programs, tuition reimbursement, employee stock purchase plan, and financial learning center and financial coach access.

Supporting your Health & Well-being: flexible health and insurance options including medical, dental and vision, employee, spouse and child life insurance, short- and long-term disability, pre-tax Health Savings Account with employer contributions, Healthcare FSA, critical illness, accident & hospital indemnity insurance, and a total well-being program that helps you and your family stay on track physically, socially, emotionally, and financially.

Building a Family: adoption, surrogacy and fertility assistance as well as paid parental and caregiver leave, Dependent Day Care FSA back-up child and adult/elder care days and childcare discounts.

Work-Life Integration: other benefits including Mentally Fit Employee Assistance Program, subsidized and discounted Weight Watchers® program and other employee discount programs.

Other compensations: depending on the role for which you are considered, you may be eligible for travel allowances, relocation assistance, a signing bonus and/or equity.

Company

Ally

Ally Financial Inc. (NYSE: ALLY) is a leading digital financial services company and a top 25 U.S.

Founded in 1919

Detroit, Michigan, USA

10001+ employees

http://www.ally.com/

H1B Sponsorship

Ally has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (1)

2024 (8)

2023 (9)

2022 (13)

2021 (9)

2020 (1)

Funding

Current Stage

Public Company

Total Funding

$1.75B

2024-12-13Post Ipo Debt· $1B

2022-11-07Post Ipo Debt· $750M

2014-04-10IPO

Leadership Team

Russ Hutchinson

Chief Financial Officer

David Holland

Senior Vice President

Recent News

Benzinga.com

5 Stocks In The Spotlight Last Week: Wall Street's Most Accurate Analysts Weigh In

2025-12-29

MarketScreener

This Is Decision Day

2025-12-10

Tech Startups - Tech News, Tech Trends & Startup Funding

U.S. corporate layoffs reach 1.17 million in 2025 as AI, tariffs, and restructuring accelerate job cuts; highest since the pandemic

2025-12-05

Company data provided by crunchbase