DLP L3 Insider Threat Engineering Lead

We are seeking an experienced and dynamic leader to drive our Insider Threat Engineering team with a strong focus on Data Loss Prevention (DLP). This is a pivotal role within our Cyber Defence team, responsible for leading and enhancing our DLP platform across a globally distributed and culturally diverse engineering team. The ideal candidate will have extensive hands-on experience with DLP platforms, insider risk management (IRM), and a proven track record in managing high-performing teams in large enterprise environments.

As the L3 Insider Threat Engineering Lead - DLP, you will be at the forefront of shaping and executing our data protection strategy, with a particular emphasis on Microsoft Security technologies, including Purview DLP, Defender, IRM, and Microsoft Security Stack. You will drive the development and optimization of DLP policies, ensuring robust protection of sensitive data while maintaining regulatory compliance (GDPR, CCPA, HIPAA, SOC2).

Key Responsibilities:

• Lead and Manage the Insider Threat Engineering team, overseeing DLP operations, with accountability for the technical management of the DLP platform.
• Drive Strategy by developing and refining DLP policies, rules, and procedures that align with business objectives and regulatory requirements.
• Optimize DLP Policies to minimize false positives and improve detection accuracy, with continuous adjustments based on trends and insights.
• Collaborate Across Teams with IT, Cyber Security, HR, Legal, and Compliance to define and enforce data protection policies.
• Ensure Regulatory Compliance by aligning DLP practices with GDPR, CCPA, HIPAA, SOC2, and other applicable laws.
• Develop a Technical Roadmap for DLP enhancements and strategic integration with other security initiatives like IRM and Defender.
• Lead Incident Response for DLP-related threats and drive initiatives to improve overall security posture.
• Report to Senior Leadership on the performance and effectiveness of DLP and insider threat management initiatives.

Experience & Expertise Required:

• Deep Experience in leading and managing Insider Threat and DLP engineering teams within global enterprise organizations.
• Expertise in Microsoft Security Stack, especially Purview DLP, Defender, and IRM.
• Proven track record of implementing Data Loss Prevention (DLP) solutions and creating Insider Threat Policies.
• Regulatory Knowledge of data protection laws including GDPR, CCPA, HIPAA, and SOC2 compliance frameworks.
• Strong leadership and communication skills with the ability to influence cross-functional teams and senior management.
• Proven ability to analyze trends, create data-driven strategies, and optimize DLP policies to reduce risk.

Desired Skills:

• Experience with CASB (Cloud Access Security Broker) and UEBA (User and Entity Behavior Analytics) solutions.
• Industry Certifications such as CISSP, CISM, or CIPP.
• Prior experience with Microsoft IRM and handling insider threat incidents in a complex environment.

Eames Consulting is acting as an Employment Business in relation to this vacancy.