Job Requisition ID: 157962

Established in the 1930s as a trading business, Al-Futtaim Group today is one of the most diversified and progressive, privately held regional businesses headquartered in Dubai, United Arab Emirates. Structured into five operating divisions; automotive, financial services, real estate, retail and healthcare; employing more than 35,000 employees across more than 20 countries in the Middle East, Asia and Africa, Al-Futtaim Group partners with over 200 of the world\'s most admired and innovative brands. Al-Futtaim Group\'s entrepreneurship and relentless customer focus enables the organisation to continue to grow and expand; responding to the changing needs of our customers within the societies in which we operate.

By upholding our values of respect, excellence, collaboration and integrity; Al-Futtaim Group continues to enrich the lives and aspirations of our customers each and every day.

Overview of the role

As a crucial member of the Cybersecurity subfunction within the CISO office, the Data Protection Specialist plays a pivotal role in leading the development, implementation, and product management of data protection solutions. In the rapidly evolving landscape of cybersecurity, this role remains at the forefront of safeguarding organizations from emerging data exfiltration risks. Data Protection Specialist continuously adapt their skills and approaches to stay ahead of evolving threats, ensuring the organization\'s data remains secure and resilient. By fulfilling this role, the Data Protection Specialist actively contributes to the key objective of the organization, which revolves around enhancing Cyber Security Resilience.

What you will do

Strategic Contribution

• Data Protection Roadmap Management: Collaborate with cross-functional teams to develop and maintain comprehensive data protection security roadmaps.
• Architecture and Design Artifacts: Create and maintain the architecture and design artifacts related to data protection. Ensure that these documents align with industry best practices and comply with relevant regulations and standards.
• License Utilization and Cost Optimization: Analyse and optimize license utilization to ensure cost-effectiveness while maintaining the highest level of security. Identify opportunities to enhance the yield per license and maximize return on our security investment.
• Data Protection Program Management: Support the ongoing management of the Data Protection program, including continuous improvement efforts, risk assessment, and mitigation strategies. Collaborate with relevant stakeholders to ensure the successful implementation and management of these projects, delivering the agreed outcomes effectively.
• Vendor Communications: Stay connected with Microsoft and other DLP solution providers. Engage with their official blogs, documentation, and forums to learn about updates, new features, and best practices.
• Online Communities: Participate in online forums and communities dedicated to data protection and DLP.
• Industry Publications and Blogs: Subscribe to reputable industry publications, blogs, and newsletters that cover data security and DLP-related topics.

• Continuous Learning: Dedicate time regularly to research and learn about data security, DLP technologies, and Microsoft solutions. Participate in webinars, workshops, and conferences focused on data protection and cybersecurity

Tactical Contribution

Ensure overall governance of operation, configuration, monitoring, and implementation of Data Protection Suite which includes - MIP, DLP, MCAS, Intune * Design and Implement DLP Policies: Collaborate with IT and security teams to develop and deploy effective data loss prevention policies using Microsoft DLP solutions, such as Microsoft 365 DLP, Azure Information Protection, Microsoft Cloud App Security, and Intune

• Monitoring and Incident Response: Continuously monitor data flow, access, and usage patterns to detect potential data breaches or policy violations. Take immediate action in response to DLP incidents, investigating and mitigating security risks promptly.
• DLP Policy Maintenance: Regularly review and update DLP policies based on changing data security requirements, industry best practices, and regulatory standards to ensure optimal protection against data leaks.
• End-User Awareness and Training: Conduct training sessions and awareness programs for employees to educate them about data protection guidelines and reinforce DLP best practices.
• Collaborate with Cross-Functional Teams: Work closely with the IT, compliance, legal, and business teams to align data protection efforts and ensure seamless integration of DLP measures into existing workflows.
• Security Risk Assessments: Perform risk assessments and audits to identify potential vulnerabilities, analyse security gaps, and recommend appropriate remediation actions.
• Reporting and Documentation: Generate regular reports on DLP incidents, trends, and overall data protection performance. Maintain comprehensive documentation of DLP policies, procedures, and configurations.

People Management

Ensure that the goals are achieved through effective leadership and management by setting individual objectives, monitoring performance, supporting the development of staff, and motivating them to achieve their best work.

Regulatory Compliance and Privacy

Take on the responsibility of ensuring compliance requirements from CBUAE ADHIS & DOH and safeguarding sensitive data by implementing monitoring implemented controls, monitoring data breaches, and collaborating with BU, IT & legal, and compliance teams to meet regulatory requirements.

Required skills to be successful

• Proven experience in data loss prevention, security operations, or similar cybersecurity roles.
• Hands-on expertise with Microsoft DLP solutions, including Microsoft 365 DLP, Azure Information Protection, and Microsoft Cloud App Security, MS Intune with at least 1 full lifecycle implementation of DLP solution [Data Classification to DLP delivery using MS technologies].
• Familiarity with data protection regulations and frameworks (e.g., GDPR, HIPAA, ISO 27001) is advantageous.
• Strong analytical and problem-solving skills, with the ability to handle complex security incidents.
• Excellent communication skills to effectively collaborate with various teams and deliver training sessions.
• Relevant certifications such as Microsoft Information Protection Administrator Associate Microsoft Azure Security Engineer Associate or similar, Certified Information Systems Security Professional (CISSP) are a plus.
• Excellent verbal and written communication skills.
• Strong analytical and problem-solving skills.
• Experience in developing metrics and preparing operational dashboards

What equips you for the role

• Bachelor\'s degree in Business, IT, Engineering, or similar.
• 10 years of experience in Information Technology in a customer facing capacity and 2 years in cyber security related field

We\'re here to provide excellent service but a little help from you can ensure a five-star candidate experience from start to finish.

Before you click \xe2\x80\x9capply\xe2\x80\x9d: Please read the job description carefully to ensure you can confidently demonstrate why this opportunity is right for you and take the time to put together a well-crafted and personalised CV to further boost your visibility. Our global Talent Acquisition team members are all assigned to specific businesses to ensure that we make the best matches between talent and opportunities. We not only consider the requisite compatibility of skills and behaviours, but also how candidates align with our Values of Respect, Integrity, Collaboration, and Excellence.

As part of our candidate experience promise, we also want to make ourselves available to you throughout the application process. We make every effort to review and respond to every application.

Al-Futtaim