Data Protection Specialist

About the Job
The Data Protection Specialist is responsible for ensuring that Core42's data is properly protected and compliant with relevant regulations. This role involves implementing and maintaining data protection policies, managing data protection risks, and ensuring that data handling practices align with legal and regulatory requirements. The specialist will work closely with various departments and business units to safeguard sensitive information and support Core42's overall data governance strategy. Daily operational activities include managing and operating Data Loss Prevention (DLP) tools and technologies, handling DLP incidents, and coordinating with users, HR, business units, and IT teams to resolve data protection issues.

Responsibilities

• Develop and execute data protection policies and procedures.
• Monitor and assess data protection compliance across Core42 and its business units.
• Conduct regular data protection impact assessments (DPIAs) and audits.
• Identify and mitigate data protection risks through proactive measures.
• Deploy and configure DLP agents on endpoints, email servers, and web gateways.
• Maintain and update DLP management servers and ensure proper network integration.
• Develop and enforce DLP policies across different data channels (web, email, endpoints).
• Customize and fine-tune policies to minimize false positives and address specific organizational needs.
• Integrate DLP with other security solutions (SIEM, CASB, IAM) for enhanced protection and automated incident response.
• Continuously monitor DLP incidents through the DLP dashboard and other monitoring tools.
• Triage and prioritize DLP incidents based on severity and potential impact on the organization.
• Conduct detailed investigations of DLP incidents, including data analysis and root cause identification.
• Follow up with users involved in DLP incidents to gather additional information and provide guidance on remediation.
• Coordinate with relevant stakeholders (IT, legal, HR) to manage and resolve DLP incidents.
• Escalate significant incidents to higher management or external authorities as per compliance policies.
• Implement corrective actions to resolve DLP incidents and prevent recurrence.
• Work with IT teams to apply technical fixes, such as adjusting access controls, updating software, or patching vulnerabilities.
• Provide training and support to users involved in DLP incidents to improve awareness and compliance with data protection policies.
• Document all incidents, actions taken, and resolutions in the incident management system.
• Generate and distribute regular reports on DLP incidents, trends, and compliance status to senior management.
• Ensure that DLP practices align with relevant data protection regulations (e.g., GDPR, CCPA, HIPAA).
• Prepare documentation and evidence for internal and external audits related to data protection and DLP.
• Conduct regular reviews and updates of DLP policies and procedures to ensure ongoing compliance and effectiveness.
• Collaborate with other Information Security teams to understand and mitigate data sensitivity and security risks.
• Ensure the deployment of other security tools such as Proxy, EDR, and CASB are in alignment with DLP policies.
• Stay up-to-date with current tools, techniques, and vulnerabilities.
• Review changes on IT infrastructure ensuring all adjustments are performed per security policies.
• Manage phishing triage incidents and email security operations.
• Work with technology development and network teams to implement appropriate security solutions.
• Support in integration and design of Core42 hybrid cloud setups, ensuring security controls are implemented.
• Establish clear understanding and documentation of processes related to cyber security infrastructure.
• Manage escalations related to security operations deliverables.
• Conduct periodic health checks on security tools.
• Leverage security automation tooling and develop playbooks based on operational use cases.
• Maintain detailed knowledge of emerging threats, risks, and security capabilities.
• Review DLP operations, alert monitoring, and data exfiltration alerts.

Qualifications

• Bachelor’s/Master’s degree in Computer Science, Information Security, IT, or Software Engineering.
• Minimum 7 years of experience in IT, with at least 2 years in a similar role.
• In-depth knowledge of security concepts such as cyber-attacks, threat vectors, and risk management.
• Proficient in managing, configuring, and deploying tools like Forcepoint DLP, Proxy, and Crowd Strike EDR.
• Strong understanding of data protection regulations and best practices.
• Familiarity with incident management and SIEM systems (e.g., Splunk, IBM QRadar).
• Good analytical and problem-solving skills.
• Ability to work in high-stress environments with excellent communication skills.
• Advanced training certifications are advantageous.

What Working at CORE42 Offers

• Culture: An open, diverse, and inclusive environment with a global vision that encourages personal growth.
• Career: Outstanding learning, development & growth opportunities through structured training and innovative projects.
• Work-Life: A hybrid work policy for a balanced work and home life.
• Rewards: A competitive remuneration package with perks like healthcare, education support, and leave benefits.