Overview
The Data Protection Specialist is responsible for ensuring that Core42's data is properly protected and compliant with relevant regulations. This role involves implementing, and maintaining data protection policies, managing data protection risks, and ensuring that data handling practices align with legal and regulatory requirements. The specialist will work closely with various departments and business units to safeguard sensitive information and support the Core42's overall data governance strategy. It involves performing dat to day operational activities for managing and operating Data Loss Prevention (DLP) tools and technologies, handling DLP incidents. This role involves close coordination with users, HR and business units SPOCs and IT teams, escalating incidents when necessary, and ensuring timely resolution of data protection issues.
Core42 is the UAE’s national-scale enabler for cloud and generative AI, combining G42 Group’s expertise across multiple technology disciplines into a single platform for public sector and large enterprise transformations. Building on our capabilities as sovereign cloud and HPC specialist, we bring generative AI, cybersecurity, professional and managed services expertise to enable national-scale program deployments across industries.
Responsibilities
- Develop and execute data protection policies and procedures.
- Monitor and assess data protection compliance across Core42 and its BUs.
- Conduct regular data protection impact assessments (DPIAs) and audits.
- Identify and mitigate data protection risks through proactive measures.
- Deploy and configure DLP agents on endpoints, email servers, and web gateways.
- Maintain and update DLP management servers and ensure proper network integration.
- Develop and enforce DLP policies across different data channels (web, email, endpoints).
- Customize and fine-tune policies to minimize false positives and address specific organizational needs.
- Integrate DLP with other security solutions (SIEM, CASB, IAM) for enhanced protection and automated incident response.
- Continuously monitor DLP incidents through the DLP dashboard and other monitoring tools.
- Triage and prioritize DLP incidents based on severity and potential impact on the organization.
- Conduct detailed investigations of DLP incidents, including data analysis and root cause identification.
- Follow up with users involved in DLP incidents to gather additional information and provide guidance on remediation.
- Coordinate with relevant stakeholders (IT, legal, HR) to manage and resolve DLP incidents.
- Escalate significant incidents to higher management or external authorities as per compliance policies.
- Implement corrective actions to resolve DLP incidents and prevent recurrence.
- Work with IT teams to apply technical fixes, such as adjusting access controls, updating software, or patching vulnerabilities.
- Provide training and support to users involved in DLP incidents to improve awareness and compliance with data protection policies.
- Document all incidents, actions taken, and resolutions in the incident management system.
- Generate and distribute regular reports on DLP incidents, trends, and compliance status to senior management.
- Ensure that DLP practices align with relevant data protection regulations (e.g., GDPR, CCPA, HIPAA).
- Audit Preparation:
- Prepare documentation and evidence for internal and external audits related to data protection and DLP.
- Conduct regular reviews and updates of DLP policies and procedures to ensure ongoing compliance and effectiveness.
- Collaborate with other Information security teams to understand and mitigate data sensitivity and security risks.
- Ensure the deployment of other security tools such as Proxy, EDR, Data classification, CASB are in align with DLP policies and tuned to create alerts and incidents.
- Stay up-to-date in current tools, techniques, and vulnerabilities to incorporate into testing practices.
- Reviewing the Changes on IT infrastructure and ensuring all changes are performed as per the security policies.
- Managing Phishing Triage incidents, and email security operations.
- Work with the Technology development and network teams to implement appropriate security solutions and tools based on the level of risk identified.
- Support in Integration and Design of Core42 Hybrid cloud setups and ensure all security controls are implemented.
- Establish clear understanding and documentation of processes related to cyber security infrastructure.
- Managing and addressing escalations related to Security operations deliverables
- Reviewing HLD, LLD, run books, SOP & Handover Check lists related to Security deployments.
- Managing Security Devices and Technologies such as DLP, Authentication Services, Web Proxy, CASB, Endpoint Detection and Response, Data classification, Data Encryption, Anti Malware, Email Anti-Spam and File Integrity Monitoring, DMARC monitoring.
- Post Implementation Review of changes on Security Devices.
- Support the technology integration and implementation of security controls, hardening of IT and Security Devices.
- Assist in IT and Security Incidence resolution and CSIRT table tops exercise.
- Review Periodic Health Checks on Security Tools.
- Leverage security automation tooling and develop playbooks and workflows based on operational use cases.
- Establish clear maintenance and support procedures for endpoint security capabilities.
- Maintaining detailed knowledge of emerging threats, risks, technical innovations and security capabilities.
- Conducting KPI and KRI assessment for Security Operations tasks performed by different teams.
- Reviewing DLP operations such as alert monitoring, data exfiltration alerts, policies and procedure, and business specific keywords monitoring DLP controls.
- Asset Management review from Infosec.
- Software and tools Assessment and taking part in POCs from Security Solutions.
- Managing IOCs, as per security advisories and taking needful actions.
Qualifications
- Bachelor/ Master’s degree required in Computer Science / Information Security/ IT/ Software Engineering.
- Experience of minimum 7 years in IT with at least 2 years of experience in a similar role.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk manage.
- Good knowledge on email gateway, network security and incident management.
- Hands on expertise in managing, configuring and deploying various tools like – Forcepoint DLP, Proxy, Crowd Strike EDR O365 Cloud Security, Service Now Ticketing, Web Security, AV, UBEA, & CASB/ SSE.
- Proficiency in configuring and managing DLP solutions (Forcepoint, Symantec, McAfee, Ms IRMc.).
- Strong understanding of data protection regulations and best practices.
- Experience with incident management and response processes.
- Familiarity with SIEM systems (e.g., Splunk, IBM QRadar) and their integration with DLP tools.
- Act as SME for information security to provide solutions and for problem solving.
- Report security violations and provide information security best practices to follow and recommendations.
- Good Understanding of security tools and effective management of same.
- Good Analytical and problem-solving skills
- Ability to work in high stress environment.
- Excellent written and verbal communication, interpersonal and collaborative skills.
- Advanced training certifications may be advantageous and ability to remain current on the latest technologies and best practices in information security.
What Working At CORE42 Offers
Culture: An open, diverse and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.
Career: Outstanding learning, development & growth opportunities via structured training programs and innovative, high-tech projects.
Work-Life: A hybrid work policy to strike the perfect balance between office and home.
Rewards: A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.
About CORE42
CORE42 is a global leader in creating visionary artificial intelligence for a better tomorrow. Born in Abu Dhabi and operating across the world, CORE42 champions AI as a powerful force for good. Its people are constantly reimagining what technology can do, applying advanced thinking and innovation to accelerate progress and tackle society’s most pressing problems.
CORE42 is driving change in the region and beyond, joining forces with nations, corporations and individuals to create the infrastructure for tomorrow’s world. From molecular medicine to space travel and everything in between, CORE42 realizes exponential possibilities, today.
To confidently demonstrate that you meet the criteria above, please contact us.