Lead the development, implementation, and maintenance of data loss prevention rule policies, monitoring processes and procedures, and best practices to safeguard sensitive personal and company data.
Continuously review and update data loss prevention rule policies in response to emerging threats and evolving business needs.
Work closely with relevant Business Units to screen Whitelist processes and coordinate with the IT Security team to implement DLP rule policies configuration in the DLP system.
Lead investigations into data loss incidents, determine root causes, and recommend corrective actions to mitigate future risks.
Work closely with incident response teams to manage and resolve data security incidents, ensuring timely documentation and reporting.
Conduct regular risk assessments to identify vulnerabilities and address potential data loss risks proactively.
Assess the risk from the DLP incident monitoring results and report the monitoring results to the Head of IT Risk (TH) and Head of Risk and Fraud (TH).
Participate in IT risk Assessment of significant project and/or assigned projects
Assess the IT risk from the Project and report the risk assessment results to the Head of IT Risk and Head of Risk and Fraud (TH).
Develop and deliver training programs to educate employees on data protection best practices, DLP policies, and their role in safeguarding sensitive information.
Collaborate with IT, IT Security, DPO, legal, compliance, and other departments to ensure data security requirements are incorporated into business processes and new projects.
Serve as the primary point of contact for all DLP-related matters and provide guidance on data protection challenges.
Qualifications:
Bachelor's degree in Information Technology, Computer Science, Data
Minimum of 3-5 years of experience in Data loss prevention, Information Security, Data Analytics with 1-3 years in a leadership role focused on data loss prevention preferred
Hands-on experience with DLP tools and technologies.
Proven experience managing security incidents, risk assessments, and audits.
Excellent communication and interpersonal skills, with the ability to explain complex security concepts to non-technical stakeholders.
Problem-solving mindset with the ability to think critically and strategically.
