Threat Intelligence Lead

Posted 2 days ago by Lorien on LinkedIn

Negotiable
Undetermined
Remote
United Kingdom

Summary: The L3 Insider Threat Engineering Lead - DLP is responsible for managing and enhancing the Insider Threat Data Loss Prevention capabilities within a global enterprise. This role involves leading a team of engineers, collaborating with various departments, and optimizing DLP policies to protect sensitive data. The position requires strong technical expertise and leadership skills to effectively mitigate insider risks and ensure compliance with data protection regulations.

Key Responsibilities:

  • Oversee the technical management, troubleshooting, and administration of the DLP platform.
  • Lead and mentor a diverse team of Insider Threat Engineers specializing in DLP.
  • Collaborate with the L1 Insider Threat Manager, L3 Insider Threat Engineering Lead – IRM, and senior leadership to refine strategies, rules, policies, and procedures for data loss prevention.
  • Develop and maintain a technical roadmap aligned with the overall cybersecurity strategy.
  • Optimize and fine-tune DLP policies to minimize false positives and enhance detection accuracy.
  • Work closely with IT, Cybersecurity, HR, Legal, and Compliance teams to enforce data protection standards and regulatory requirements.
  • Conduct regular assessments and audits to drive continuous improvement in DLP and Insider Threat programs.
  • Provide detailed reports on DLP effectiveness, emerging threats, and mitigation strategies to senior leadership.
  • Identify trends in insider threats and recommend enhancements to existing DLP policies and security controls.
  • Contribute to projects that strengthen insider threat detection and data protection policies.
  • Perform additional tasks as assigned by the Global Head of Insider Threat.

Key Skills:

  • Extensive experience managing Insider Threat and DLP engineering teams in a large global enterprise.
  • Strong technical expertise in the Microsoft Security stack, particularly Purview DLP, Insider Risk Management (IRM), and Microsoft Defender.
  • Relevant Microsoft certifications in Purview DLP, IRM, and Defender.
  • Deep understanding of data protection laws and compliance requirements (e.g., GDPR, CCPA, HIPAA).
  • Strong problem-solving and troubleshooting skills in complex security environments.
  • Excellent leadership, communication, and stakeholder management skills.
  • Self-motivated with the ability to work independently and drive initiatives.
  • Preferred: Experience with audits such as SOC2.
  • Prior experience deploying or managing Microsoft IRM within a global enterprise.
  • Industry certifications such as CISSP, CISM, or CIPP.
  • Experience with CASB and UEBA technologies.

Salary (Rate): undetermined

City: undetermined

Country: United Kingdom

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT