DLP Governance Lead
Salary - £75-90k + Bonus + Benefits
Location – Cheshire (2-3 days in office per week)
Newly created role within one of the most advanced Cyber Security functions for a Tier1 UK Bank, who are looking to bring in a Data Loss Prevention (DLP) Governance Lead to ensure the right controls are in place and constantly developing against the ever-evolving threat landscape.
Sitting within the Global Cyber Defence function, you will be responsible for working with different technical teams to ensure the relevant DLP security controls are in place across all security monitoring and detection tooling; whilst leading and setting out the governance of how the policies, quality assurance and operational standards are managed.
This is a newly created position and pivotal for the constant evolution of their Cyber Defence function, giving you the opportunity to genuinely influence what is one of the most advanced and recognized cyber defence capabilities worldwide.
Key Responsibilities
* Set out and deliver the strategy as to how DLP policies, steering committees, quality assurance and operational standards are managed.
* Data classification : Separate and prioritize sensitive and non-sensitive data.
* Identify sensitive data : Know what data you have and how it's used to protect it from misuse.
* Establish metrics : Measure the effectiveness of your DLP strategy using metrics like the percentage of false positives, the number of incidents, and the mean time to incident response.
* Allocate roles : Define roles for data security to enable accountability and effective management of tasks.
* Compliance : Document compliance efforts, including all DLP measures implemented, the results of content security audits, and any content security incidents.
* Educate stakeholders : Involve stakeholders from IT, legal, HR, and other business units to create a comprehensive and practical DLP policy.
* Deployment documentation : Set up the deployment of the DLP product after identifying the sensitive data and defining policies.
* Establish evaluation criteria : Establish evaluation criteria for DLP solutions based on how mature your organization is in controlling data flows.
* Monitor sensitive data : Implement role-based access controls (RBAC) to limit exposure of sensitive data only to those who need it for their job functions
Key Requirements
* In-depth knowledge of DLP tooling and the relevant DLP security controls
* Broader knowledge of and experience working within cyber defence environments, and how DLP closely interlinks with different departments.
* Ability to set out and deliver the strategy as to how they manage DLP policies, steering committees, quality assurance and operational standards.
* Experience working within a highly regulated industry and leading multi-disciplinary teams.