Security Controls Assessor

Job Title: Security Controls Assessor

Experience:

Reports To:

Role Overview:

Security Controls Assessor – Data Protection / DLP

Key Responsibilities:

• Ensure

  data classification and protection technologies

  are aligned with business, compliance, and regulatory requirements.

• Own the incident management process and operational aspects

  of DLP, ensuring timely triage, investigation, escalation, and closure.
• Work closely with

  vendor teams

  to monitor, track, and resolve incidents through to closure.
• Translate

  business data protection requirements

  into effective

  DLP rules, policies, and workflows

  to prevent data leakage.
• Provide

  expert guidance on DLP rule creation, fine-tuning, and integration

  with enterprise and third-party systems.
• Drive

  integration of DLP with third-party tools and security platforms

  such as SIEM, SOAR, CASB, and Endpoint Protection solutions.
• Own and manage the

  data leakage incident monitoring program

  , ensuring accurate reporting and timely remediation.
• Conduct

  technology risk assessments

  of IT systems, applications, and data workflows, identifying and mitigating security gaps.
• Liaise with

  ISG, SOC, IT Security, and Infrastructure teams

  for risk mitigation, configuration validation, and incident resolution.
• Collaborate with

  Business and InfoSec teams

  to align data protection measures with business workflows and compliance mandates.
• Provide support during

  regulatory audits (RBI, ISO 27001, GDPR, etc.)

  by maintaining relevant documentation and audit trails.
• Develop and maintain

  secure configuration documents

  and

  data protection governance frameworks

  .
• Recommend

  strategic enhancements

  to improve data protection posture and DLP operational efficiency.
• Communicate data security risks, incident status, and remediation progress to stakeholders and leadership.
• Continuously drive

  process improvement

  and

  maturity enhancement

  of DLP operations and incident management practices.

Skills & Technical Expertise:

• Core Competencies:

  Data Loss Prevention (DLP), Data Protection, Data Classification, Incident Management, Security Risk Assessment, Vendor Coordination

• Tools & Platforms:

• Microsoft O365 DLP
• McAfee / Trellix DLP
• Netskope (CASB / DLP)
• Titus / Bolden James (Data Classification)
• Seclore / other DRM solutions
• Proxy implementations and operational management
• SIEM/SOAR tools integration experience preferred

• Knowledge Areas:

• DRM, encryption (in transit and at rest), data masking, secure configuration management
• Data protection frameworks (RBI, ISO 27001, GDPR) and technology governance

Experience Requirements:

• 3–4 years of relevant experience in

  DLP operations

  ,

  incident management

  , and

  data protection governance

  , preferably within the

  Banking or BFSI sector

  .
• Hands-on experience with

  rule configuration, policy fine-tuning

  , and

  incident monitoring

  in enterprise-scale DLP environments.
• Experience in

  integrating DLP tools

  with

  third-party platforms

  (e.g., CASB, SIEM, Proxy, Endpoint Security).
• Proven experience in

  coordinating with vendors

  for incident handling, escalation, and closure.

Desired (Good to Have):

• Practical exposure to

  Microsoft 365 Security & Compliance Center

  ,

  Netskope CASB/DLP

  , and

  McAfee/Trellix DLP

  .
• Understanding of

  cloud data protection, insider threat management, and data governance

  .
• Experience preparing

  secure configuration documents

  and

  performing risk assessments

  .
• Relevant certifications such as

  CompTIA Security+

  ,

  CISM

  ,

  CISA

  , or

  Netskope NCCSS

  .

Soft Skills:

• Strong analytical, investigative, and problem-solving skills.
• Excellent communication and stakeholder coordination abilities.
• Ability to manage vendors and cross-functional teams effectively.
• Attention to detail, ownership mindset, and commitment to process excellence.
• Ability to work under regulatory and operational pressure while maintaining accuracy and composure.