Job Title: Insider Threat Engineering Lead (DLP)
Job Type: Remote
Duration: 6 months (Possible Extension)
Salary: £750 per day
Onsite Parking: Available
Holidays are accrued for PAYE contractors and will start at 28 days, increasing to 33 days after 12 weeks.
About Us
Our client is a leading global advisory, broking, and solutions company that helps clients around the world turn risk into a path for growth. With roots dating to 1828, they have 39,000 employees in more than 120 territories. They design and deliver solutions that manage risk, optimize benefits, cultivate talent, and expand the power of capital to protect and strengthen institutions and individuals. Their unique perspective allows them to see the critical intersections between talent, assets, and ideas - the dynamic formula that drives business performance.
Job Description
We are seeking passionate individuals to grow the Cyber Security team within WTW and provide excellent service and trusted expertise to all parts of our business. We have an exciting opening for a highly skilled and experienced Insider Threat Engineering Lead.
As part of the Cyber Defence department, this role will manage the Insider Threat engineering team aligned to Data Loss Prevention (DLP) and will oversee a geographically and culturally diverse team of engineers to ensure the effective operation of our DLP platform. Reporting to the Global Head of Insider Threat, the L3 Insider Threat Engineering Lead - DLP role is critical to the success of the DLP capability within WTW.
This role would suit those with an extensive history in building and managing Engineering teams, and with significant technical experience of the Microsoft Security stack, focusing on Purview DLP, Insider Risk Management (IRM), and Defender.
Primary Responsibilities:
* Accountability for the technical management and administration of the DLP platform.
* Lead and manage the Insider Threat Engineering team aligned to DLP, providing guidance, coaching, and support to ensure successful execution of their responsibilities and effective operation of our Insider Threat program.
* Work closely with the L1 Insider Threat Manager, the L3 Insider Threat Engineering Lead - IRM, and the Global Head of Insider Threat to develop, implement, and refine strategies, rules, policies, and procedures to help prevent data loss and protect sensitive information across the organization.
* Produce a technical roadmap that aligns with the overall Cyber Security strategy.
* Ensure that DLP policies are fine-tuned and matured to reduce the number of false positives.
* Collaborate with cross-functional teams, including IT, Cyber Security, HR, legal, and compliance, to define and enforce data protection and insider risk requirements, policies, and standards.
* Conduct regular assessments of the Insider Threat Engineering - DLP function to identify areas for continuous improvement.
* Provide regular reports and updates to senior management on the performance and effectiveness of the Insider Threat Engineering team.
* Identify trends and drive requirements aimed at improving and enhancing existing DLP policies, and report this upward through the security management chain.
Secondary Responsibilities:
* Be an integral part of projects that enhance insider threat and data protection policies and standards.
* Other relevant tasks as designated by the Global Head of Insider Threat.
Qualifications:
What you will need:
* In-depth experience managing Insider Threat and DLP engineering teams in a global enterprise organization.
* Solid engineering knowledge of the Microsoft Security stack, particularly Purview DLP, IRM, and Defender.
* Relevant Microsoft qualifications in Purview DLP, IRM, and Defender.
* In-depth understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA).
* Strong analytical problem-solving skills.
* Excellent communication, leadership, and interpersonal skills, with the ability to effectively collaborate and influence stakeholders at all levels of the organization.
* Self-motivated and capable of independent work.
Beneficial:
* Previous experience with audits such as SOC2.
* Experience deploying or managing the Microsoft IRM module within a global enterprise organization.
* Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Lead (CISM), or Certified Information Privacy Professional (CIPP).
* Experience with CASB and UEBA.
#J-18808-Ljbffr