L2 Insider Threat Engineer - IRM
Mumbai, Maharashtra, India
WTW
WTW tarjoaa tietoon perustuvia, näkemyslähtöisiä ratkaisuja ihmisten, riskien ja pääoman alalla.This role would suit those with a background in troubleshooting, administering and implementing IRM technologies, and with technical experience of the Microsoft Security stack with a focus on Purview DLP, IRM and Defender.
As the L2 Insider Threat Engineer (IRM), the primary responsibilities will be:
• Responsible for implementing, maintaining, and troubleshooting the IRM technologies, policies and rules used in WTW.
• Work closely with the L3 Insider Threat Engineering Lead (IRM) to develop, implement, and refine rules and policies to help prevent data loss and protect sensitive information across the organisation.
• Ensure that IRM policies are fine-tuned and matured to reduce the number of false positives.
• Collaborate with cross-functional teams, including IT, Cyber Security, HR, legal, and compliance, to define data protection and insider risk requirements, policies and standards.
• Act as an escalation point for the L1 Insider Threat Engineers.
• Contribute to regular assessments of the Insider Threat Engineering function to identify areas for continuous improvement.
• Contribute to regular reports and updates to management on the performance and effectiveness of the IRM technologies.
• Identify trends and requirements aimed at improving and enhancing existing IRM policies, and report this upward through the security management chain.
• Provide guidance, coaching and support to L1 Insider Threat Engineers.
• Stay current with emerging IRM technologies in the cyber security landscape.
Secondary responsibilities
• Be an integral part of projects that enhance insider threat and data protection policies and standards.
• Other relevant tasks as designated by the Global Head of Insider Threat and L3 Insider Threat Engineering Leads.
Qualifications
What you will need:
• It is essential that you have experience implementing, troubleshooting and administering Insider Threat and DLP technologies in a global enterprise organisation.
• A solid engineering knowledge of the Microsoft Security stack, in particular Purview DLP, IRM and Defender.
• Relevant Microsoft qualifications in Purview DLP, IRM and Defender.
• Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA).
• Strong analytical problem-solving skills.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organization.
• Must be self-motivated and capable of independent work.
Beneficial:
• Previous experience of deploying the Microsoft Insider Risk Management module within a global enterprise organisation.
• Hands-on experience with KQL and PowerShell.
• Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Privacy Professional (CIPP)
-
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CCPA CIPP CISM CISSP Compliance GDPR HIPAA PowerShell Privacy Risk management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.