Data Masking & Test Data Management (TDM) SME

Job Title: Data Masking & Test Data Management (TDM) SME

Location: Remote

Duration: 12+ Months

Job Description

Overview:

We are seeking seasoned Data Masking & Test Data Management (TDM) Subject Matter Expert (SME) to lead strategic initiatives around the secure handling of sensitive data across enterprise environments. This role will own the architecture, governance, vendor evaluation, and enterprise implementation of data masking and TDM solutions across Oracle and non-Oracle platforms (e.g., Aurora, RDS, PostgreSQL, MySQL, SQL Server). The SME will also drive data discovery and classification efforts for PII, PCI, HIPAA, and FERPA data elements, and lead build vs. buy assessments to ensure scalable, compliant, and automated solutions for non-production data environments.

Key Responsibilities:

Architecture & Strategy

• Develop and lead the enterprise-wide data masking and TDM strategy across Oracle and non-Oracle databases in on-premises and cloud environments.
• Design scalable, reusable, and automated frameworks that enable secure test data provisioning and masking aligned with DevOps pipelines and agile delivery.

Vendor Solution Evaluation & Build vs. Buy Assessment

• Conduct in-depth vendor assessments (in association with other architects) to evaluate commercial and open-source masking/TDM tools.
• Lead build vs. buy analysis, including cost-benefit evaluation, ROI, scalability, and strategic fit.
• Coordinate vendor PoCs, performance benchmarking, and alignment with enterprise architecture and InfoSec policies.

Sensitive Data Discovery, Classification & Governance

• Perform discovery and classification of sensitive data elements (PII, PCI, HIPAA, FERPA) across structured and semi-structured sources.
• Define and enforce enterprise policies for data masking, retention, access, and auditability in prod & non-prod environments.
• Integrate classification tools with enterprise data catalogs (Collabra, Databricks Unity, AWS Glue, etc.) and governance frameworks.

Implementation, Rollout & Automation

• Guide pilot implementations and refine solutions based on stakeholder feedback and business requirements.
• Oversee the enterprise rollout of data masking and TDM solutions across development, testing, and analytics environments.
• Drive automation by embedding masking and TDM into CI/CD, infrastructure-as-code, and QA frameworks.

Audit Readiness & Regulatory Compliance

• Prepare documentation and controls for internal and external audits.
• Ensure compliance with privacy regulations (e.g., GDPR, HIPAA, CCPA, FERPA, PCI-DSS) through masking and test data management practices.
• Implement monitoring, access controls, and lineage tracking for sensitive data use in non-production systems.

Tooling & Integration

• Implement and configure tools such as Oracle Data Masking Pack, Informatica TDM, Delphix, AWS Macie, Amazon DataZone, or custom in-house solutions.
• Collaborate with security and platform teams to integrate solutions into hybrid environments and cloud-native ecosystems.

Cross-Functional Collaboration & Enablement

• Work with stakeholders across DBAs, QA, DevOps, Security, Compliance, and Application teams to ensure enterprise alignment.
• Collaborate with cross-functional teams QA, Solution Architecture, Salesforce, & Engineering.
• Provide technical leadership, documentation, training, and operational support to embed TDM and data privacy into organizational practices.

Required Qualifications:

• 8+ years of experience in data masking, TDM, data security, or data governance roles.
• Deep expertise in Oracle and non-Oracle platforms such as Aurora, RDS, PostgreSQL, MySQL, SQL Server, etc.
• Strong background in sensitive data discovery, classification, and protection strategies.
• Proven ability to conduct vendor assessments and build vs. buy evaluations.
• Hands-on experience with CI/CD, test automation, and integrating data masking in DevOps environments.
• Knowledge of regulatory compliance requirements (HIPAA, FERPA, PCI-DSS, GDPR, CCPA).
• Excellent communication, technical documentation, and stakeholder engagement skills.

Preferred Qualifications:

• Experience with AWS-native tools (e.g., Macie, Lake Formation, DataZone, Glue Catalog).
• Experience with data masking in Oracle and Non-Oracle databases.
• Experience with Databricks Unity Catalog
• Certifications:
• Oracle Database Security Administration (1Z0-116)
• ILM Test Data Management - Specialist Certification
• ISO 27001 - Information Security Management System (ISMS)
• Certified in Data Protection (CDP) Identity Management Institute
• Delphix Masking Services - Data Masking Architect
• Industry experience in higher education, healthcare, or financial services domains.