Security Engineer – Data Leakage Specialist (DLP)

About The Role

A Cybersecurity DLP & Awareness Specialist is a critical defender of an organization's most valuable asset—its data. This role holistically manages the end-to-end Data Loss Prevention program, from strategy and tool deployment to policy creation and incident response.

By blending deep technical expertise in protecting data across networks and clouds with the strategic development of security awareness and phishing simulation programs, this specialist builds a powerful, multi-layered defense that proactively safeguards sensitive information and significantly strengthens the organization's overall security resilience.
 

What you will do

Program & Strategy:

• Develop, implement, and maintain the organization's DLP strategy and align with business objectives and regulatory requirements.
• Define and document DLP policies, standards, procedures, and response playbooks.
• Stay abreast of the latest data security threats, trends, and technologies to ensure the DLP program remains effective.

Technical Implementation & Management:

• Administer the entire DLP technology stack (e.g., Microsoft Purview, Symantec, Forcepoint), including deployment, configuration, and upgrading of systems.
• Design, build, and fine-tune DLP policies and detection.
• Implement and manage a comprehensive data classification framework to automatically identify and tag sensitive data (PII, PCI, IP, etc.).
• Integrate DLP systems with other security tools (SIEM, SOAR, CASB, Email Security) for enhanced visibility and automated response.

Operations & Monitoring:

• Monitor DLP alerts and dashboards (as per operational model) to identify potential data security incidents.
• Perform initial triage, investigation, and forensic analysis to determine the validity, cause, scope, and impact of incidents.
• Lead the incident response process for data exposure events, coordinating with the IR team, Legal, HR, and management.

Training & Awareness:

• Develop and drive user cybersecurity awareness training focused on data handling policies and safe practices.
• Create and execute phishing simulation exercises to test user vigilance and tailor future training initiatives.
• Act as a subject matter expert, providing guidance and support to employees on data protection matters.

Reporting & Compliance:

• Generate and analyze regular reports on DLP program metrics (e.g., alerts, incidents, false positives, policy effectiveness).
• Provide evidence and support for internal and external audits related to data protection (e.g., ISO 27001, SOC 2, GDPR, PCI-DSS).
• Conduct ongoing risk assessments to identify control gaps and recommend improvements.
• Proven hands-on experience administering leading DLP solutions (e.g., Microsoft Purview, Symantec, Forcepoint, Digital Guardian).
• Data Classification: Direct experience in implementing and managing an enterprise data classification program.
• Conduct ongoing risk assessments to identify control gaps and recommend improvements.
• Proven hands-on experience administering leading DLP solutions (e.g., Microsoft Purview, Symantec, Forcepoint, Digital Guardian).
• Data Classification: Direct experience in implementing and managing an enterprise data classification program.

Skills/Competencies

• Good understanding of cloud data protection strategies for SaaS (e.g., M365, Google Workspace) and IaaS (AWS, Azure, GCP) platforms.
• Experience integrating DLP with SIEM (e.g., Sentinel, Splunk, QRadar) and SOAR platforms for automated workflows.
• Proficiency with digital forensics tools and techniques for investigating data breaches.
• Basic scripting skills (Python, PowerShell) to automate tasks and interact with APIs will be added advantage.
• Ability to analyze complex alerts, identify root causes, and implement effective solutions.
• Meticulous approach to policy creation, tuning, and incident investigation.
• Good verbal and written communication skills to explain technical concepts to non-technical stakeholders and document incidents clearly.
• Ability to drive behavioral changes through effective security awareness campaigns and training.
• Team-oriented mindset to work effectively with IT, security, legal, and business units.
• Unwavering ethics due to frequent handling of highly sensitive and confidential information. 
• What you will need
• Ability to drive behavioral changes through effective security awareness campaigns and training.
• Team-oriented mindset to work effectively with IT, security, legal, and business units.
• Unwavering ethics due to frequent handling of highly sensitive and confidential information. 
• What you will need
• Bachelor’s degree in computer science, Information Security, or a related field. Relevant industry certifications (e.g., CISSP, CISM, CCNA, GCIH, AZ-900, SC-300) are highly preferred.
• 5 years of overall experience in information security.
• 3 years of hands-on, dedicated experience in deploying, managing, and tuning a DLP program, including data classification.
• Proven experience in incident response and digital forensics related to data exposure.
• Comprehensive knowledge of data privacy regulations (e.g. NIST, ISO 27k, GDPR, CCPA, HIPAA, PCI-DSS).
• Program Efficacy: The overall health and effectiveness of the DLP program in reducing the risk of data loss.
• Incident Response: The timely and effective investigation, containment, and remediation of all data exposure incidents within defined SLAs.
• Policy Management: The accuracy, appropriateness, and performance of all DLP policies and detection rules.
• System Availability: The operational availability and performance of the DLP infrastructure.
• Compliance: Ensuring the DLP program meets all required compliance and regulatory obligations for data protection.
• Awareness Metrics: Improving the organization's security culture as measured by reduced phishing click-through rates and increased reporting of suspicious activity.
• Continuous Improvement: Proactively identifying gaps in the data protection landscape and recommending enhancements to tools, processes, and policies.
• Policy Management: The accuracy, appropriateness, and performance of all DLP policies and detection rules.
• System Availability: The operational availability and performance of the DLP infrastructure.
• Compliance: Ensuring the DLP program meets all required compliance and regulatory obligations for data protection.

Talent acquisition based on Nexperia vacancies is not appreciated. Nexperia job adverts are Nexperia copyright © material and the word Nexperia® is a registered trademark.

D&I Statement

As an equal-opportunity employer, Nexperia values diversity not just because it is the right thing to do but because diverse teams perform better. We are dedicated to being inclusive, and a proof point of this dedication is that we were the main partner of the very first Dutch Paralympic Team NL House during the Paris 2024 Paralympic Games. Our recruitment process is inclusive and accessible to all, and we consider all applicants fairly, as well as providing a safe work environment and reasonable adjustments where requested.

In addition, we offer our colleagues the possibility to join employee resource groups such as the Pride Network Group or global and local Women's groups. Nexperia is committed to increasing women in management positions to 30% by 2030.