Senior/Lead Data Security Engineer - DLP (8-10 yrs)

We are seeking a skilled and detail-oriented Data Security Specialist with expertise in Data Loss Prevention (DLP) and Data Security Practices to join our growing security team.

The ideal candidate will be responsible for designing, implementing, and managing robust data protection strategies to safeguard sensitive and critical information across various systems and platforms.

You will play a crucial role in preventing unauthorized data access, ensuring regulatory compliance, and safeguarding the organization's data from breaches, leaks, or other forms of unauthorized exposure.

Key Responsibilities :

- DLP Policy Development & Implementation : Design, implement, and enforce Data Loss Prevention (DLP) policies and controls across endpoints, cloud environments, and network infrastructures to prevent unauthorized data transfer, loss, or exposure.

- Data Protection Strategy : Collaborate with internal teams to develop and implement comprehensive data protection strategies that safeguard sensitive and confidential data from internal and external threats.

- Incident Detection & Response : Monitor and investigate security incidents related to data loss or leakage, analyze the root cause of incidents, and respond quickly to mitigate risks.

- Risk Assessment : Conduct regular risk assessments to identify and address vulnerabilities related to sensitive data. Recommend and implement solutions to improve data protection across the organization.

- Compliance & Auditing : Ensure compliance with relevant data protection laws and industry standards (such as GDPR, CCPA, HIPAA, etc. Assist with audits and work to continuously improve the organization's data security posture.

- DLP Tool Management : Administer and optimize DLP tools (e.g, Symantec DLP, McAfee Total Protection for DLP, Forcepoint, Digital Guardian) to monitor and enforce data security policies, ensuring they are functioning as intended.

- Security Awareness Training : Provide training and guidance to staff on data security best practices, including the use of DLP tools, data handling procedures, and secure communication protocols.

- Collaboration & Communication : Work closely with the IT, Compliance, Legal, and Risk Management teams to ensure the alignment of security efforts with business needs and compliance requirements.

- Reporting & Metrics : Generate reports, metrics, and dashboards to provide visibility into the effectiveness of data security measures, incidents, and compliance status.

Qualifications & Skills :

Experience :

- Proven experience in data security or information security, specifically related to Data Loss Prevention (DLP), data protection, and information governance.

- Hands-on experience with DLP solutions (e.g, Symantec DLP, Forcepoint, McAfee, Digital Guardian).

- Experience with security controls for cloud environments (e.g, Microsoft 365, AWS, Azure) and endpoint security tools.

Technical Expertise :

- Strong understanding of data security frameworks, encryption, access controls, and secure data transfer protocols.

- Familiarity with network security, endpoint security, and security information and event management (SIEM) systems.

Knowledge of Regulations & Standards :

- Knowledge of privacy laws and data protection regulations (GDPR, CCPA, HIPAA, PCI-DSS, etc.) and their impact on data security practices.

Certifications :

- Preferred : Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), Certified Information Security Manager (CISM), or equivalent certifications.

Problem-Solving & Analytical Skills :

- Strong analytical and troubleshooting skills, with the ability to understand and resolve complex data security issues.

Communication Skills :

- Excellent written and verbal communication skills to document policies, present findings, and interact with stakeholders at all levels of the organization.

Team Player :

- Ability to work collaboratively within a cross-functional team environment and effectively communicate security risks and mitigation strategies to non-technical staff.

Preferred Qualifications :

- Cloud Security Experience : Experience securing cloud-based data and services, including SaaS, IaaS, and PaaS platforms.

- Data Classification and Encryption : Knowledge of data classification methodologies and experience implementing encryption protocols for sensitive data at rest and in transit.

- Forensics & Incident Response : Familiarity with data forensics and incident response protocols in the context of data breaches or leaks.