ITC Infotech - L3 DLP Lead - Forcepoint

L3 DLP Lead (Forcepoint)

Key Responsibilities :

- Develop, maintain, and enhance DLP policies to prevent unauthorized data transmission and ensure adherence to regulatory mandates.

- Conduct deep-dive investigations into high-priority DLP incidents and collaborate with legal, HR, and IT teams to manage insider threat cases.

- Maintain a structured reporting and escalation process for DLP events, with proactive recommendations on improving policy effectiveness.

- Drive quarterly DLP risk assessments, incident trend analysis, and recommend policy enhancements to improve data security posture.

- Provide L2 escalation support and perform RCA for high-severity alerts, ensuring false positive tuning and response playbook improvement.

- Guide implementation of context-aware DLP policies based on user behavior, data classification, and business risk scoring.

- Review system logs, audit trails, and SIEM integrations for DLP event correlation and ensure integration with the overall SOC process.

- Act as SME during audits and assessments involving data loss and privacy risk, producing required documentation and evidence.

- Mentor L2 team and ensure upskilling on Forcepoint DLP administration, policy simulation, and advanced rule logic creation.

Key Skills & Certifications :

- Strong experience with Forcepoint DLP, incident triaging, policy tuning, and regulatory alignment.

- In-depth understanding of RBI, SEBI, DPDP mandates related to data security.

- Hands-on with DLP integrations email, endpoint, web, cloud.

- Certified DLP Professional (Forcepoint) or equivalent.

- CISM, ISO 27001 LA preferred.