Senior Technical Specialist - Security Services

Role Overview

• Administration of the DLP tools which includes configuring policies and reporting.
• Monitor and respond to alerts generated from the DLP systems and other technologies
• Due Diligence on the reports from Data Classification of usage of labels. 
• Work with vendors to support the DLP technology (troubleshooting, upgrades, etc.)
• Develop and manage and administer the roadmap for both Email and Web Data Loss Prevention.
• Deployment of System Changes to Data Loss Prevention.
• Configure & operate the Data Loss Prevention tools including incident management, access management, key management, vulnerability management, compliance tracking & reporting
• Support Data Loss Prevention security requirements of the CTS Application Services team
• Audit & Governance requirements for Data Loss Prevention.

Team Background

• This role sits within our network security team and reports to network security team manager who reports to Head of Security Operations.
• This team has oversight/responsibility for providing services to prevent incoming threats and improve the infrastructure and security processes for all lines business before any incident occurs or is detected. The main goals are to remain secure, avoid incidents and to reduce the impact and scope when they do occur.   Technologies we support Proofpoint, Zscaler, Checkpoint IPS/IDS, NSXT IPS/IDS, Deep Security, Full Packet Capture and Varonis, which service tasks including Email filtering, Web Proxy, Intrusion Detection and Prevention on both North/South and East/West traffic, obsolete technology vulnerability management and Web Application Firewall for on Prem and Cloud policies, Data Loss Prevention and Data Classification.

More specific responsibilities will include

1. Risk, Control & Regulatory Environment, including Audit & Governance 

• Ensure familiarity with risk management programmes, as they impact on this position, and Ensure compliance with all relevant risk and regulatory requirements; proactively highlight any risks so that mitigating actions can be taken.  

2. Manage the optimisation, integration & customisation of DLP Security Technologies

• Manages the lifecycle for Data Loss Prevention tooling / systems and software 
• Plan and schedule bug fixes, patches and enhancements
• Where required engages with activities in disaster recovery tests
• Creates and maintains Data Loss Prevention configuration documentation: diagrams, hardware components, and software versions
• Create materials and deliver training related to DLP processes and services
• Defines and produces metrics & reports
• Participates in CAB meeting discussions to assess risks on complex changes 
• Participates in Audit reviews of governance and compliance policies and procedures
• Knowledge of governance and compliance policies and procedures
• Perform administrative tasks on supported DLP technologies
• Provide standards and on-demand reports related to DLP activities, performance metrics, and indicators
• Collaborate with peers, system owners, vendors, subcontractors, and business partners in introducing, testing, any changes to DLP products and infrastructrure.

3. Data Loss Prevention Technology Advisory

• Represent Security Operations report on DLP, posture, risks.
• Defines strategies, and roadmaps for DLP
• Identifies gaps in DLP processes and recommends improvements in partnership with process owners. 
• Produces reports identifying and recommending and improvements to DLP operational procedures. 
• Knowledgeable of DLP security technologies and processes
• Input to the technical direction and influences peers and technical leaders

4. Incident and Problem Management

• Key participant in Critical Incident Response Team for major incidents in DLP 
• Resolve highly complex problems and troubleshoot critical DLP technologies
• Work with CIRT and business to recommend mitigation plans and explain capabilities
• Responds to and resolves complex infrastructure incidents to restore business services
• Conducts root cause analysis for complex incidents and documents results
• Provide timely updates on the restoration of business services
• Research and documents problems, develops recommendations, and implements solutions
• Works with the Problem Manager to identify, resolve and document complex problems
• Provides incident queue management: perform triage, assess priority, and assign incidents

5. Data Loss Prevention Infrastructure Capacity planning and management

• Makes recommendations to improve Data Loss Prevention infrastructure performance
• Provide technical mentorship and guidance to less experienced staff.

What you will need to be successful in the role

The ideal candidate will have/be:

• IT Degree or equivalent
• 3/5 years’ experience in the following 
• Supporting Information Technology
• Information Security concepts related to Governance, Risk & Compliance      
• Advanced Knowledge of Data Loss Prevention (DLP) Technology support and Event Handling
• Achieved certification with a drive and willingness to continuously develop technical knowledge e.g., CISSP. CCSP, CISM, CRISC or other industry recognised certifications is an advantage to the role. 
   

Key Competencies