Job Purpose
The role is required to provide dedicated ownership for identifying, classifying, labelling, and protecting sensitive data across Corporate, Rapid Rail, Rapid Bus, and AFC environments. Additionally, the role ensures consistent data protection controls, reduces the risk of data leakage, and drives awareness of proper data handling, safeguarding critical information and supporting organisational resilience.
Key Accountabilities
- Accountable for the design, implementation, and ongoing operation of Data Loss Prevention (DLP) controls to protect sensitive data across Corporate, Rapid Rail, Rapid Bus, and AFC environments.
- Ensures sensitive and critical data is systematically identified, classified, and labelled across structured and unstructured sources to enable effective protection throughout the data lifecycle.
- Implements, tunes, and maintains DLP solutions across endpoints, networks, cloud platforms, and applications, ensuring controls are effective without disrupting business operations.
- Monitors DLP alerts, investigates data leakage incidents, and coordinates remediation actions with IT, cybersecurity, and business teams to prevent recurrence.
- Translates data protection requirements into enforceable DLP policies, rules, and use cases aligned with business needs and organizational risk appetite.
- Works closely with IT, application, cloud, and business teams to embed data protection controls into systems and processes, while providing guidance on secure data handling practices.
- Supports enterprise-wide data protection awareness by enabling user education, reducing risky data handling behaviours, and reinforcing correct use of sensitive information.
- Measures DLP effectiveness, reduces false positives, tracks trends, and reports on data protection posture and incidents to support continuous improvement and management assurance.
Qualifications, Skills & Knowledge
- Bachelor's Degree in Cybersecurity, Information Technology, or equivalent.
- Certifications such as CompTIA Security+, CEH, GSEC, or Microsoft/AWS security certifications are preferred, or similar certifications are highly desirable.
- CDPSE (Certified Data Privacy Solutions Engineer) 2. Microsoft Purview DLP Training / SC 5003 (Information Protection & DLP).
- Minimum 5 years of working experience.
- SIEM (e.g., Microsoft Sentinel, Splunk, QRadar), WAF, endpoint protection, vulnerability scanners (e.g., Nessus, Qualys), DLP, antivirus/malware protection.
- TCP/IP, firewalls, VPNs, routing/switching, DNS, DHCP.
