Job
Description
Job Title: Principal Information Security Specialist Job Code: 10034 Country: IN City: Mumbai Skill Category: IT\Technology Description: Responsibilities: Lead operational execution of enterprise data protection tools including BigID, MIP, DLP, Thales, Truffle Hog, etc. Manage endtoend incident response workflows related to data leakage, sensitive data discovery, and misconfiguration. Ensure operational efficiency of data discovery, classification, and protection capabilities across endpoints, cloud, and onprem environments. Collaborate with engineering, compliance, legal, and business teams to define and implement data protection policies. Oversee and optimize data classification strategies (manual, suggestive, and automated). Track and report key metrics including incident trends, false positives, and SLA adherence. Drive adoption and user training programs related to data classification and labeling. Participate in and lead audits, risk assessments, and regulatory readiness reviews. Own tool lifecycle from onboarding, configuration, integration to tuning and decommissioning. Serve as escalation point for highpriority incidents, executive reporting, and stakeholder briefings. Knowledge, Skill, Experience Required: Required: 1315+ years of overall experience in Information Security. 8+ years of direct experience in data protection, DLP, or data privacy. Proven experience managing enterprisegrade tools like BigID, MIP, Symantec/Forcepoint DLP, Thales Cipher Trust, Truffle Hog, and/or others. Strong understanding of data discovery, classification, encryption, rights management, and related regulatory standards (e.g., GDPR, HIPAA, DPDP, CCPA). Solid background in cloud security controls (M365, AWS, Azure, GCP) and hybrid deployments. Expertise in SIEM and SOAR integrations, incident response, and threat modeling. Experience with scripting or automation (e.g., Python, PowerShell) a plus. Familiarity with compliance frameworks such as ISO 27001, NIST, RBI, etc. Beneficial: Symantec and Forcepoint DLP Certification Microsoft Certified: Information Protection Administrator Associate (SC400) Certifications such as CIPT, CIPP, CISSP, CISM, or equivalent preferred. Azure Security / Microsoft 365 Security certifications Personal Characteristics: Strategic thinker with handson execution capability. Excellent communication and stakeholder management skills across technical and nontechnical audiences. Strong problemsolving and analytical skills. High degree of professional integrity, ownership, and accountability. Proactive and collaborative team leader, able to operate in crossfunctional and matrixed environments. Adept at working under pressure with strong prioritization and decisionmaking skills. We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer s responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age. *Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.
