Overview‍

Gallagher operates Data Loss Prevention (DLP) technologies and processes to seek to protect data in transit and to prevent and/or detect the unauthorized egress (leakage) of Gallagher information, whether related to current, past or prospective employees, customers, insurance market participants or suppliers. Responsible for leading and managing Gallagher’s approach to data loss prevention to ensure that we implement appropriate preventative and monitoring controls across our global operations to manage the risk to Gallagher information.

This role is responsible for the triage, investigation, escalation and closure of DLP incidents, the recommendation, implementation and maintenance of effective DLP policies and the production of monthly and ad-hoc DLP reports to minimize Gallagher’s risk of data leakage, identify data leakage and to monitor compliance with company information security and privacy policies for in scope entities.

The individual is expected to have experience of DLP and working with DLP console, good knowledge of data leakage methods and understanding of the different data types processed across entities and to keep that knowledge up to date.

This is an essential role within the DLP team to support them along with the Global Chief Information Security Officer and Global Chief Privacy Officer in the delivery of their data protection strategy. The role will provide hands on advice, guidance and support, the businesses and central services functions to assist in the identification, management and monitoring of Gallagher’s privacy and security risks in line with our risk appetite.

‍

‍

‍How you'll make an impact‍

• Responsible for triage and investigation of DLP events and the escalation of instances of non-compliance with company policy and potential/actual instances of data leakage (either personal data or commercial data) using DLP Solutions on a day to day basis.
• Validating white listed user activity.
• Advising on required rulesets and ruleset optimization and tuning to reduce false positives based on patterns observed during event analysis.
• Performing control checks at regular intervals.
• Preparation of monthly DLP reports and dashboards including trend and root cause analysis as well as achievement against SLAs and KPIs.
• Providing detailed DLP analysis support for stakeholders.
• Contribution to the overall DLP process improvement and documentation.
• Supporting the incident management framework.
• Building and maintaining good stakeholder relationships.

‍

‍

‍About you‍

• Min 2+ years experience in DLP
• McAfee/Microsoft/SkyHigh Security DLP certified beneficial but not essential
• DLP solution capabilities
• Knowledge of DLP capabilities
• Proven track record of incident investigation and escalation
• Knowledge of McAfee/Microsoft/SkyHigh Security DLP an advantage
• Knowledge of SIEM tool an advantage but not essential
• Knowledge of Incident ticket tool an advantage but not essential
• Knowledge of the insurance broking or insurance sector an advantage but not essential
• Hand on experience with DLP tool – Preferred McAfee/Microsoft/SkyHigh Security DLP
• Incident Management - Triage, investigation and escalation
• Assessing risk
• Report production
• Supporting the maintenance of standard operating procedures
• Working effectively in a shared mailbox Skills/other
• Familiarity with sensitive data types/identifiers, classifications, etc.
• Ability to understand drivers and priorities with regard to business and regulatory requirements
• Excellent spoken and written English communication skills
• Analytical and investigative skills
• Report writing
• MS Office
• Confidence to challenge views and opinions and make recommendations for improvements to policies and processes
• Fine attention to detail

‍