Principal Data Governance Specialist

Here at Averis, our common purpose is to improve lives by developing resources sustainably. Our people are crucial in helping us to realise our vision to be one of the best Global Business Solution (GBS) organization to support our customers in creating value for the Community, Country, Climate, Customer and Company.

The Principal Data Governance Specialist is responsible for defining, implementing, and maintaining governance and operational excellence across the organization’s Data Loss Prevention (DLP) landscape. This role will provide oversight, policy enforcement, and operational leadership for email, web, cloud, endpoint, and network DLP platforms ensuring governance, data protection, and risk reduction across all business units. The role requires strong technical knowledge of DLP platforms, with the ability to balance governance requirements and user experience considerations.

• Develop and communicate a strategic vision for the Data Protection and Security Awareness teams aligned with organizational goals.
• Provide leadership in the formulation and execution of comprehensive strategies for data protection and security awareness.
• Develop and maintain the organization’s enterprise-wide DLP strategy, policies, and standards.
• Establish and enforce data governance policies, including data retention and classification standards, to ensure governance, data integrity, and secure information management.

• Lead, mentor, and guide the DLP and IT Security Awareness teams towards achieving departmental and organizational objectives.
• Foster a culture of innovation, collaboration, and continuous improvement.

• Collaborate with other department heads and stakeholders to integrate data protection and security awareness initiatives into the broader organizational framework.
• Coordinate with SOC, IT Security, and Infrastructure teams to ensure cohesive threat detection, mitigation, and policy tuning.

• Oversee the development of reports and metrics related to DLP and IT Security Awareness.
• Present findings to senior management and stakeholders, providing strategic insights and recommendations.

• Oversee and manage DLP controls across email, web, and cloud channels to safeguard sensitive information and prevent unauthorized data exposure.
• Provide strategic oversight for daily operational activities related to DLP, including incident triage, discovery, scanning, and escalations.
• Contribute to the enhancement of DLP policies and practices based on evolving threats and organizational needs.
• Lead and support ongoing DLP-related projects, collaborating with the DLP Infrastructure team and vendors for successful project outcomes.
• Lead the operations of all DLP systems, including email, web, cloud, endpoint, and network DLP platforms.

• Lead the development, maintenance, and implementation of the IT Security Awareness program.
• Oversee the education of staff on the importance of information security and the application of due diligence.
• Lead and participate in social engineering activities, including phishing exercises for staff.
• Provide strategic guidance on remediation efforts and continuous improvement based on testing results.

• Bachelor’s degree in Information Security, Computer Science, or related field (Master’s or relevant certifications preferred).
• 7+ years of IT security, data governance or protection experience, including at least 3 years in a leadership or governance capacity.
• Hands‑on experience with DLP solutions (e.g. Proofpoint, Symantec, Netskope, Zscaler).
• Familiarity with global data protection regulations and security frameworks.

• Strong governance, risk management, and audit handling experience.
• Deep understanding of DLP technologies, security architectures, and incident response processes.
• Excellent communication skills with ability to influence at senior management levels.
• Experience leading cross-regional or group-wide data security programs is an advantage.

When you send us your resume and personal details, it is deemed you have provided your consent for us to keep or store your information in our database. All the information you have provided is only used for the recruitment process. Averis will only collect, use, process or disclose personal information where and when allowed to under applicable laws.
Only shortlisted candidates will be contacted for an interview. We endeavour to respond to every applicant. However, if you receive no response from us within 60 days, please consider your application for this specific position unsuccessful. We may contact you in the future if there are opportunities that match your qualifications and experience.

Thank you for considering a career with Averis.