Data Security Specialist

The Data Security Specialist is responsible for designing, implementing, and operating data protection solutions with a primary focus on Data Loss Prevention (DLP). This role ensures that robust data protection practices are integrated into business processes, IT systems, and user behaviour. A key objective is to establish best-in-class data protection capabilities in an environment with lower data security awareness and cultural challenges, such as widespread data sharing or unauthorized data transfers.

The specialist will act as a change agent, building a security-first culture while deploying effective technical controls. This resource will report to GCC CISO. Experience 6 to 8 years (Core experience) Main responsibilities § Data Loss Prevention (DLP) Design & Operation o Evaluate, select, and implement a DLP solution aligned with business needs and data protection risks. o Define and maintain DLP policies and rules to detect and prevent unauthorized data access, transfer, or leakage. o Monitor DLP alerts and ensure timely investigation, triage, and response. o Continuously refine DLP configuration based on threat trends, user behavior, and business feedback. § Data Protection by Design o Collaborate with IT, process owners, and application teams to embed data protection controls into systems and workflows. o Perform data flow analysis and risk assessments to identify sensitive data exposure points. o Define and apply classification, access control, and encryption strategies where needed. § Security Culture and Awareness o Work closely with the awareness team to develop targeted campaigns focused on responsible data handling and the risks of data leakage. o Engage with teams to understand behaviors and perceptions around data use and design appropriate behavioral change strategies. o Actively contribute to the development of a data protection culture in units with low initial awareness and high risk of data misuse. § Compliance Support o Ensure that implemented controls align with data protection regulations and internal security policies. o Support audits, assessments, and compliance reviews related to data security. o Maintain documentation for data protection controls, configurations, and incident handling.

Qualification Bachelor degree ideally in information security, computer science, related fields Minimum requirements § 3+ years of experience in data protection, cybersecurity, as cybersecurity specialist or architect. § Hands-on experience with DLP technologies (e.g., Microsoft Purview, Varonis, Forcepoint, etc.), with a track record of successful project delivery. § Strong understanding of data protection principles (e.g., least privilege, data classification, access control). § Experience working in environments with low data security maturity or resistance to change is a strong plus. § Strong communication and interpersonal skills, with the ability to influence behavioral change. § Knowledge of privacy regulations and ISO 27001 is beneficial. § Good knowledge and strong interest in Cyber Security (best-practices, standards, technology) § Good knowledge in IS/IT (network, endpoint, cloud, application, …) § Excellent communication skills, teamwork, you will interact with various stakeholders of different levels and functions. § Problem-solving skills. § You are used to work in an international context, in complex/sensitive environment. § Language skills: English (excellent level). Any other European language is a plus (French, Spanish, Dutch, German, Polish)