Insider Risk Security Manager (DLP)

Please Note: The deadline for applying is 23.59 the day before the job posting end date.

Job Title: Insider Risk Security Manager (DLP)

Location: Kingston Head Office

Unilever is one of the world’s leading suppliers of Food, Home, and Personal Care products with sales in over 190 countries and reaching 3.4 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Persil, Dove, Knorr, Domestos, Hellmann’s, Wall’s, Ben & Jerry’s, Marmite, Magnum, and Lynx. Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That’s why our purpose as Unilever is ‘to make sustainable living commonplace’.

At Unilever, we’re determined to achieve a culture where everyone can thrive, a culture where all individuals are treated fairly and respectfully, and where their uniqueness is celebrated. We’re taking a holistic approach that focuses on how we can use the scale and reach of our business to have the greatest impact in our own workplace and beyond. We’ve set clear goals to eliminate any bias and discrimination in our policies and practices, accelerate diverse representation in our leadership, and remove barriers for people with disabilities. At the same time, we’re setting out to spend more with diverse businesses and increasing representation of diverse groups in our advertising. Find out more about our commitment to equity, diversity, and inclusion on our website.

Unilever’s Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security enables secure innovation and resilience across our global business. Our structure is built around product families and risk-based priorities, with teams embedded across regions and business units.

JOB PURPOSE 

The Insider Risk team is primarily focused on the security of our people​ and data, as opposed to our technologies, internal security helps prevent data loss through controls and recognizing unusual behaviors that could indicate accidental, negligent or malicious activity. They manage the Insider Risks Data Loss Prevention service to support detection capabilities to allow for prevention, containment and response controls. Insider Risk also support the management of policies that apply to our data to ensure it is safe but usable across our business.

Role Summary:

A vacancy exists for a Data Loss Prevention manager within Unilever’s Insider Risk Team. The successful candidate will be responsible for helping to keep Unilever and our systems, data, and customers secure.

Key areas delivered by the Insider Trust team include:

• Ensuring the deployment and running of security tooling, in conjunction with the Tech & Ops team.
• Playing an active role in the definition and iteration of the Unilever Cyber Security transformation.
• Continuously explore and implement cost effective measures to optimize security investment
• Influencing a broad range of stakeholders in various teams across the business, including IT architects, developers and engineers, programme managers, and business data owners
• Managing and utilizing cyber security tooling and capabilities, including detection and monitoring activities.
• Managing investigations into any suspicious activities on our systems and taking any necessary steps to remedy them in a timely manner.
• Providing sensitive investigative services to other key Unilever investigative functions
• Reducing any risk or impact caused by a cyber incident
• Advising the broader organization on security best practices where applicable.

RESPONSIBILITIES 

• Define policies for data classification, protection, and handling based on sensitivity and regulatory needs.
• Ensure coverage across endpoints, email, network, and cloud services
• Monitor DLP systems for alerts related to unauthorized data access, movement, or exfiltration.
• Investigate incidents to determine root cause and assess business impact.
• Coordinate with forensics and incident response teams when potential breaches involve sensitive data
• Collaborate with Legal, HR, Engineering, and Compliance to review and update policies.
• Tune detection rules and reduce false positives to improve operational efficiency.
• Promote a culture of data responsibility and cyber hygiene.
• Act as the primary point of contact for DLP-related incidents and investigations.
• Address data movement between enterprise IT and plant-level OT systems (e.g., USB controls, file transfers).
• Define KPIs for data protection effectiveness (e.g., incident volume, false positives, policy coverage).
• Stay current with emerging threats and technologies in the data protection space.
• Continuously explore and implement cost-effective measures to optimize security investment
• Manage insider investigation analyst resources to effectively deliver against multiple workloads.
• Collaborate with the Security Engineering team in deploying new security tools and governing existing global security tools related to Insider Risk services.
• Own and update playbooks for relevant security best practices for the team

ALL ABOUT YOU 

Technical Skills

• DLP Tools & Platforms:
• Proficiency with DLP solutions, in particular Microsoft Purview
• Security Monitoring & Analysis:
• Experience integrating DLP with SIEM, EDR, and CASB tools to monitor data flows and detect suspicious behavior.
• Policy Creation & Tuning:
• Ability to create, tune, and enforce DLP policies for endpoints, network, email, and cloud environments.
• Data Classification & Tagging:
• Knowledge of methods for identifying, labeling, and controlling access to sensitive or proprietary data.
• Incident Response & Investigation:
• Skilled in handling, documenting, and remediating DLP violations and collaborating with forensics teams.
• Knowledge of Regulatory Frameworks:
• Familiarity with compliance requirements such as GDPR, CCPA, ITAR, DFARS/CMMC, and data sovereignty laws.
• Encryption & Access Control: Understanding of how to apply encryption, rights management, and role-based access controls to prevent data leakage.
• Cloud Security: Experience applying DLP controls in cloud environments (e.g., Microsoft 365, AWS, Azure) using cloud-native or third-party tools.

Experience

• Communication Skills: Ability to explain complex security topics to non-technical stakeholders
• Policy Development: Skilled in drafting practical, enforceable data protection policies aligned with business needs.
• Collaboration & Influence: Comfortable working with Legal, HR, Engineering, and OT teams to enforce DLP controls.
• Analytical Thinking: Strong problem-solving skills for analyzing data movement and identifying potential leakage points.
• Training & Awareness: Experience developing user training programs to improve data handling behaviors.
• Project Management: Capable of leading DLP rollouts, tool upgrades, and compliance initiatives across large or multi-site environments.

Behaviors

Candidates would be required to demonstrate the Unilever Standards of Leadership & live the Values through showing the following behaviors:

• Agility – Flexes leadership style and plans to meet changing situations with urgency. Learns from the past, envisions the future, has a healthy dissatisfaction with the status quo.
• Personal Mastery – Actively builds wellbeing and resilience in themselves and their team. Has emotional intelligence to take feedback, manage mood and motivations, and build empathy for others. Sets high standards for themselves and always brings their best self.
• Passion for High Performance – Inspires the energy needed to win, generating intensity and focus to motivate people to deliver results at speed.

About Unilever 

Unilever is one of the world’s leading suppliers of Food, Home and Personal Care products with sales in over 190 countries and reaching 2 billion consumers a day. Unilever has more than 400 brands found in homes around the world, including Dove, Tresemme, Lynx, Lifebuoy, Shea Moisture, Persil, Domestos, Ben & Jerry’s, Magnum, Marmite, The Vegetarian Butcher, Graze and Pot Noodle.

Faced with the challenge of climate change and the need for human development, we want to move towards a world where everyone can live well and within the natural limits of the planet. That’s why our purpose is ‘to make sustainable living commonplace’  

ONLY IF ADVERTISED @ 100VE and Kingston

Location  

In June 2020 we announced our plan to consolidate a number of Unilever’s offices across the South East of England into a new Unilever campus in Kingston-upon-Thames in or around early 2025. However, on the 08 August 2024 we announced to our existing staff our proposal to retain our central Head Office in London, 100 Victoria Embankment (“100VE”) until our lease expires in 2027. As a result of this new proposal, we will be consulting with our existing staff, and new joiners who join during this period of consultation at 100VE, on the proposal made in August 2024. During consultation we will clarify the future location of each team and function. This means your role will either be based in 100VE until 2027 or in Kingston-Upon-Thames from early 2025. As we are yet to commence consultation on the proposal you agree, until such a time when consultation has concluded, your normal place of work as set out in the enclosed Statement of Terms & Conditions will be 100VE. You agree that on the conclusion of the consultation your place of work will be 100VE or 100VE until early 2025 and then Kingston-upon-Thames ("the locations") and you will be notified of which of the locations will be your place of work after that consultation ends.

What We Offer 

Not only do we offer a competitive salary and pension scheme, we also offer an annual bonus, subsidised gym membership, a discounted staff shop and shares. You’ll have the opportunity to work directly with our renowned and exciting brands in a flexible and hybrid working environment.

Whilst the role is advertised on a full-time basis, we would be happy to discuss possible flexible working options and what this may look like for you. We are a key advocate of wellbeing and offer a variety of support for our people including hubs, programmes and development opportunities. We strive to achieve a family-friendly and inclusive workplace and to, above all, create possibilities for all. 

Diversity at Unilever is about inclusion, embracing differences, creating possibilities and growing together for better business performance. We embrace diversity in our workforce. This means giving full and fair consideration to all applicants and continuing development of all employees regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity. We are also more than happy to provide reasonable adjustments during our application and interview process to enable you to be present your best self. To find out more, including about our Employee Resource Groups, please click here Equity, Diversity & Inclusion at Unilever | Unilever.

Recruitment Fraud 

Cyber criminals advertise fake job adverts with prestigious employers as a way of stealing information or even defrauding individuals out of money. In the most sophisticated cases, they will set up fake websites, which have a similar address to companies like Unilever. They even conduct fake telephone interviews and then offer candidates a role with the proviso they pay a fee for background checks or to cover work visa costs.  These types of attacks are becoming more common as more people are looking for employment in the economic climate. 

How is Unilever tackling this? 

Many of Unilever’s recruitment sites publish a warning to candidates about recruitment fraud. The Cyber Security team also proactively scan for signs of people setting up fake Unilever sites and act to close them down. 

What can I do? 

If you become aware of potential recruitment fraud, spot fake Unilever recruitment adverts or fake LinkedIn profiles, report them via Una Live Chat. 

Unilever does not accept responsibility or liability for any candidates who are financially impacted by recruitment fraud. Your vigilance is key!