L2 Data Classification Engineer (Fortra Titus)

Job Title: L2 Data Classification Engineer (Fortra Titus) — Operations & Adoption
Location: Riyadh
Reports to: L3 Data Classification Engineer and Security Delivery Lead

Operate and support the bank’s Fortra Titus data‑classification platform day‑to‑day: deploy and validate policies to Microsoft Office & Outlook, triage incidents, drive user adoption, and keep evidence‑ready reports for audits. You’ll ensure Titus labels are consistently applied and consumed by downstream controls like Forcepoint DLP and Seclore DRM, raising complex items to L3 as needed. Fortra’s DCS (formerly Titus) enforces classification at document/email creation and persists metadata for downstream tools, which is exactly what this L2 role keeps healthy at scale.

• Primary: Fortra Data Classification Suite (Titus) for Microsoft Office (Word/Excel/PowerPoint) and Outlook add‑ins; user‑driven / suggested / automatic labeling; protective markings and metadata.
• Integrations to verify: Forcepoint DLP reading Titus tags, Seclore DRM applying rights based on classification, SIEM dashboards for events/telemetry.
• Environment context: Microsoft 365 collaboration with sensitivity labeling coexistence patterns (awareness of label GUID/metadata concepts).

1. Policy deployment & hygiene
   • Import/test Titus policy updates from L3 in pilot OU; execute regression checklists in Office/Outlook; promote via change. Track coverage and client health.
2. End‑user & endpoint support
   • Troubleshoot Outlook/Office add‑in prompts, mandatory classification enforcement, protective markings, and save/send blocks; document KBs and FAQs.
3. Integration checks
   • Validate that Forcepoint DLP policies correctly consume Titus tags/metadata (spot checks, test artifacts, FP/FN feedback), and that Seclore rights templates trigger from labels in common workflows (email + attachments, shared docs). Escalate mis‑mappings to L3.
4. Monitoring, reporting & evidence
   • Maintain weekly KPIs: label adoption %, add‑in coverage %, DLP tag‑match rate, exception backlog, incident MTTR; export audit evidence (change tickets, test logs, screenshots).
5. Adoption & training
   • Run short enablement sessions; capture UX friction (false prompts, confusing labels) and propose tuning to L3. Reference Microsoft 365 data‑classification dashboards where applicable.
6. Change & incident management
   • Raise/execute standard changes (policy push, client updates), handle P2/P3 incidents, support P1 as hands‑on executor under L3 Lead; complete RCA tasks and preventive actions.

• 2–4 years in Data Protection / Endpoint / M365 support, with 1+ year operating Fortra Titus/DCS (Office/Outlook add‑ins, labels, markings, policy deployments).
• Working knowledge of Forcepoint DLP (how it detects/uses classification metadata) and basic familiarity with Seclore classification‑driven protection.
• Strong Microsoft 365 user/admin literacy (Office client behavior, Outlook profiles, add‑ins, profile resets, basic tenant concepts; awareness of sensitivity labels).
• ITIL Incident/Change exposure; clear documentation and evidence habits for audits.
• Nice to have: Any vendor training/badges for Fortra/Titus; Forcepoint DLP admin exposure; basic understanding of label coexistence/GUIDs in M365.