Threat Intelligence Lead

Direct message the job poster from Lorien

Job Posting: L3 Insider Threat Engineering Lead - DLP

Location: Remote UK

Job Type: Contract

About the Role

We are seeking a highly skilled L3 Insider Threat Engineering Lead - DLP to manage and enhance our Insider Threat Data Loss Prevention (DLP) capabilities. This role is pivotal in ensuring the effectiveness of our DLP platform and leading a globally distributed team of engineers. Reporting to the Global Head of Insider Threat, you will play a crucial role in safeguarding sensitive data and mitigating insider risks.

Key Responsibilities

1. Oversee the technical management, troubleshooting, and administration of the DLP platform.
2. Lead and mentor a diverse team of Insider Threat Engineers specializing in DLP, providing guidance, coaching, and technical expertise.
3. Collaborate with the L1 Insider Threat Manager, the L3 Insider Threat Engineering Lead – IRM, and senior leadership to refine strategies, rules, policies, and procedures for data loss prevention.
4. Develop and maintain a technical roadmap aligned with the overall cybersecurity strategy.
5. Optimize and fine-tune DLP policies to minimize false positives and enhance detection accuracy.
6. Work closely with IT, Cybersecurity, HR, Legal, and Compliance teams to enforce data protection standards and regulatory requirements.
7. Conduct regular assessments and audits to drive continuous improvement in DLP and Insider Threat programs.
8. Provide detailed reports on DLP effectiveness, emerging threats, and mitigation strategies to senior leadership.
9. Identify trends in insider threats and recommend enhancements to existing DLP policies and security controls.

Secondary Responsibilities

1. Contribute to projects that strengthen insider threat detection and data protection policies.
2. Perform additional tasks as assigned by the Global Head of Insider Threat.

Qualifications & Experience

Required:

1. Extensive experience managing Insider Threat and DLP engineering teams in a large global enterprise.
2. Strong technical expertise in the Microsoft Security stack, particularly Purview DLP, Insider Risk Management (IRM), and Microsoft Defender.
3. Relevant Microsoft certifications in Purview DLP, IRM, and Defender.
4. Deep understanding of data protection laws and compliance requirements (e.g., GDPR, CCPA, HIPAA).
5. Strong problem-solving and troubleshooting skills in complex security environments.
6. Excellent leadership, communication, and stakeholder management skills.
7. Self-motivated with the ability to work independently and drive initiatives.

Preferred:

1. Experience with audits such as SOC2.
2. Prior experience deploying or managing Microsoft IRM within a global enterprise.
3. Industry certifications such as CISSP, CISM, or CIPP.
4. Experience with CASB and UEBA technologies.

Why Join Us?

1. Work with a high-performing global cybersecurity team.
2. Lead cutting-edge Insider Threat and DLP initiatives.
3. Opportunity to shape security strategies in a fast-paced enterprise environment.
4. Competitive salary, benefits, and career growth opportunities.

Mid-Senior level

Contract

Consulting

IT Services and IT Consulting