Data Security - DLP Architect

Key Responsibilities*** Operational Coverage

• Incident & Issue Management

• Service Enhancement & Continuous Improvement

• Policy Review & Enforcement

• + Collaborate with governance and legal teams to design, review, and update data security policies and acceptable use frameworks.
• + Implement and enforce policies via DLP/classification controls, IRM, encryption and endpoint integrations.
• + Ensure auditability and evidence collection for compliance and regulatory requirements.
• **Platform & Server Management**
• + Oversee deployment, configuration, hardening, patching, backup and monitoring of DLP, classification, and IRM servers/applications (on‑prem and cloud).
• + Ensure high availability, capacity planning, performance optimization, and disaster recovery readiness.
• + Manage integrations with identity, endpoint, email, storage and cloud services (e.g., Microsoft 365, Exchange, SharePoint, Box, OneDrive).
• **Architecture, Design & Enhancement**
• + Architect and validate solution designs, secure configurations and network integrations for data security tools.
• + Produce high/low level design documents, solution architecture diagrams, and technical specifications.
• + Conduct threat modelling and security reviews for proposed changes impacting data flows.
• **Transition & Transformation**
• + Lead technical transition activities for onboarding, migrations, or vendor replacements (discovery, cutover plans, rollback plans).
• + Drive transformation initiatives (cloud enablement, SaaS adoption, automation, CI/CD for policies).
• + Ensure knowledge transfer, create HLD/LLD, runbooks, training materials and handover to operations.
• **Stakeholder Engagement & Reporting**
• + Liaise with SOC, IT ops, endpoint, identity, legal/compliance, data owners, and business units.
• + Provide regular operational and executive reporting (KPI dashboards for incidents, coverage, false positives, policy enforcement, classification coverage).
• + Support audits, compliance assessments and third‑party reviews
• **Required Qualifications & Experience*** + Bachelor’s degree in computer science, Information Security, or related field (Master’s or relevant certifications preferred).
• + 8+ years’ experience in data security roles, with hands-on experience across DLP, Data Classification, and IRM solutions.
• + Proven L1–L3 operational background: triage, remediation, advanced tuning and integrations.
• + Experience managing DLP products (e.g., Forcepoint, Symantec/Digital Guardian, McAfee DLP), classification tools (Boldon James or similar, Titus), IRM (Seclore, Purview), and related ecosystem integrations.
• + Strong server/platform administration skills (Windows/Linux), virtualization and cloud exposure (Azure/AWS).
• + Knowledge of encryption, PKI, HSMs, and secure key management (Thales or similar).
• + Familiarity with SIEM (Microsoft Sentinel), EDR, email gateways, and MDM integrations.
• + Solid understanding of CIS, NIST, ISO27001 frameworks and data privacy regulations.
• + Excellent troubleshooting, scripting (PowerShell, Python), and automation skills.
• + Strong communication skills and experience working with cross-functional teams and senior stakeholders.
• **Desirable Certifications (Good to have)*** + CISSP, CISM, CCSP, or equivalent
• + Vendor-specific DLP/IRM certifications (Forcepoint/Symantec/Boldon/Seclore)
• + Azure/AWS certifications, Microsoft 365 security certifications
• + ITIL Foundation