Head of DLP Operations

To lead the strategy, implementation, and management of enterprise-wide Data Loss Prevention (DLP) programs designed to protect sensitive data. This role involves overseeing risk assessments, ensuring policy enforcement, and managing incident response to mitigate potential data breaches. Additionally, the position requires collaboration with Business Unit Chief Information Security Officer (CISO) teams, Chief Information Officer (CIO) teams, and Risk and Compliance departments to ensure regulatory compliance and safeguard information assets.

To act as a DLP subject matter expert and monitor the performance of operational controls, implement and manage DLP controls and consider lessons learnt in order to protect the bank from potential data breaches and reducing the Data Loss risk. 

• Define and implement enterprise-wide data loss prevention policies, frameworks, and technologies to protect sensitive data.
• Ensure adherence to regulatory requirements and industry best practices for date security.
• Oversee detection, analysis and resolution of DLP incidents, collaborating with cybersecurity and legal/compliance teams as needed.
• Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats.
• Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network.
• Establish continuous monitoring, reporting and analytics for data security threats, ensuring visibility and accountability.
• Define, implement and maintain enterprise-wide DLP policies, standards and guidelines to protect sensitive data.

• Experience utilising DLP tools such as Microsoft Purview, Proofpoint, Zscaler.
• Secretariat for the Data Loss Prevention Steering Committee.
• Own and maintain DLP Governance processes, ensuring alignment with business objectives and regulatory requirements.

• Lead and manage regulatory inspections.
• Collaborate with HR, legal, compliance and risk management teams to address regulatory changes and emerging threats.

• Drive automation and efficiency improvements to reduce false positives and improve data protection measures.
• Define clear roles, responsibilities and career development pathways for team members.
• Provide regular updates to senior executives on DLP risks, program effectiveness and strategic initiatives.

Purpose of the role

To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber-attacks and respond to threats. 

Accountabilities

• Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage.
• Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise.
• Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats.
• Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network.
• Management of cyber security incidents including remediation & driving to closure.

Director Expectations

• Provide expert advice to senior functional management and committees to influence decisions made outside of own function, offering significant input to function wide strategic initiatives.
• Manage, coordinate and enable resourcing, budgeting and policy creation for a significant sub-function.
• Escalates breaches of policies / procedure appropriately.
• Foster and guide compliance, ensure regulations are observed that relevant processes in place to facilitate adherence.
• Focus on the external environment, regulators, or advocacy groups to both monitor and influence on behalf of Barclays, when appropriate.
• Demonstrate extensive knowledge of how the function integrates with the business division / Group to achieve the overall business objectives.
• Maintain broad and comprehensive knowledge of industry theories and practices within own discipline alongside up-to-date relevant sector / functional knowledge, and insight into external market developments / initiatives.
• Use interpretative thinking and advanced analytical skills to solve problems and design solutions in often complex/ sensitive situations.
• Exercise management authority to make significant decisions and certain strategic decisions or recommendations within own area.
• Negotiate with and influence stakeholders at a senior level both internally and externally.
• Act as principal contact point for key clients and counterparts in other functions/ businesses divisions.
• Mandated as a spokesperson for the function and business division.

All Senior Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.