🪄 Skills: CybersecurityMicrosoft Active DirectoryComplianceRisk ManagementData analytics
Requirements:
8+ years of cybersecurity experience, with at least 2–3 years focused on DLP or Insider Threat programs.
Proven experience designing and operationalising DLP and insider threat capabilities in medium to large organisations.
Strong understanding of regulatory and privacy considerations in employee monitoring (especially across jurisdictions like the EU and US).
Knowledge of behavioural analytics and data classification strategies.
Experience with tools like Microsoft Purview, Symantec DLP, Forcepoint, or other leading platforms.
Responsibilities:
Conduct a comprehensive assessment of the current state of insider threat monitoring, including people, tools, policies, and processes.
Define a roadmap to enhance visibility, detection, and prevention of insider threats and unintentional data leaks.
Identify appropriate DLP technologies, including endpoint, email, cloud, and network-based controls.
Recommend and support deployment of Insider Threat Management platforms or modules (e.g., Microsoft Purview, Forcepoint, Proofpoint, DTEX, Egress, etc.).
Develop operational processes for insider threat detection, triage, escalation, investigation, and response.
Build awareness and training programs to mitigate the human element of insider threats.
Establish KPIs, reporting mechanisms, and integration with existing SIEM/SOC operations.
Collaborate with HR, Legal, and IT to ensure processes respect privacy and regulatory guidelines.