DLP Engineer

Join a global cybersecurity team responsible for protecting data, systems and critical business processes across a complex, international environment. This role is focused on Data Loss Prevention and broader data security, ensuring that sensitive information is properly protected and handled.

• Approximately 4–5 years of experience in cybersecurity, ideally with a strong focus on data security or DLP
• Hands‑on experience with enterprise DLP solutions (e.g. Symantec DLP, Trellix, Proofpoint – at least two is preferred)
• Proven experience in protecting data in motion and data in use
• Experience with endpoint agents administration/configuration and system administration (on‑prem and/or cloud)
• Experience managing DLP policies and endpoint‑related exceptions
• Good documentation and task management skills (e.g. Confluence, Jira or similar tools)
• Experience in test planning, test case design, test data preparation and execution, including defect management
• Experience working in a highly regulated environment (e.g. financial services) is a strong advantage
• Ability to communicate technical and security topics clearly to non‑technical stakeholders
• Strong attention to detail, organisational skills and the ability to work independently in a distributed team

Nice to have:

• Experience with test automation
• Exposure to privacy, data classification and data anonymisation topics
• Experience dealing with auditors or regulators

• Support the delivery and execution of the overall cybersecurity and data protection strategy
• Develop, maintain and oversee DLP policies, standards and governance
• Configure and support tools and controls that enforce data security policies
• Work closely with IT, security and business teams to implement security requirements in projects and BAU
• Monitor the effectiveness of data security controls using agreed KPIs and metrics, provide regular reporting
• Analyse and manage DLP and endpoint exceptions, ensuring appropriate risk-based decisions are made
• Collaborate with control owners, service owners and platform owners to improve control design, performance and coverage
• Participate in incident analysis and contribute to root cause identification and remediation
• Support internal and external audits, regulatory reviews and compliance initiatives related to data protection
• Proactively identify risks and contribute to technology and process improvements to reduce them

Location: Kraków (hybrid model, 6 days per month from the office)