
Job Title:

Security Controls Assessor

Company: IDFC FIRST Bank

Location: Navi Mumbai, Maharashtra

Created: 2025-11-06

Job Type: Full Time

Job Description:

Job Title: Security Controls Assessor
Experience: 7–8 Years (Relevant: 3-4 years) | Industry: Banking / Financial Services | Location: [Airoli – Navi Mumbai]
Reports To: Information Security Manager

Role Overview:

The Security Controls Assessor – Data Protection / DLP will be responsible for ensuring effective design, implementation, and monitoring of data security and protection controls across the bank's environment. The role involves end-to-end ownership of DLP operations, incident management, and governance, ensuring compliance with regulatory standards and internal security policies. The position requires close coordination with internal teams and external vendors to ensure robust protection of sensitive data.

Key Responsibilities:

- Ensure data classification and protection technologies are aligned with business, compliance, and regulatory requirements.
- Own the incident management process and operational aspects of DLP, ensuring timely triage, investigation, escalation, and closure.
- Work closely with vendor teams to monitor, track, and resolve incidents through to closure.
- Translate business data protection requirements into effective DLP rules, policies, and workflows to prevent data leakage.
- Provide expert guidance on DLP rule creation, fine-tuning, and integration with enterprise and third-party systems.
- Drive integration of DLP with third-party tools and security platforms such as SIEM, SOAR, CASB, and Endpoint Protection solutions.
- Own and manage the data leakage incident monitoring program, ensuring accurate reporting and timely remediation.
- Conduct technology risk assessments of IT systems, applications, and data workflows, identifying and mitigating security gaps.
- Liaise with ISG, SOC, IT Security, and Infrastructure teams for risk mitigation, configuration validation, and incident resolution.
- Collaborate with Business and InfoSec teams to align data protection measures with business workflows and compliance mandates.
- Provide support during regulatory audits (RBI, ISO 27001, GDPR, etc.) by maintaining relevant documentation and audit trails.
- Develop and maintain secure configuration documents and data protection governance frameworks.
- Recommend strategic enhancements to improve data protection posture and DLP operational efficiency.
- Communicate data security risks, incident status, and remediation progress to stakeholders and leadership.
- Continuously drive process improvement and maturity enhancement of DLP operations and incident management practices.

Skills & Technical Expertise:

Core Competencies: Data Loss Prevention (DLP), Data Protection, Data Classification, Incident Management, Security Risk Assessment, Vendor Coordination

Tools & Platforms:

- Microsoft O365 DLP
- McAfee / Trellix DLP
- Netskope (CASB / DLP)
- Titus / Boldon James (Data Classification)
- Seclore / other DRM solutions
- Proxy implementations and operational management
- SIEM/SOAR tools integration experience preferred

Knowledge Areas:

- DRM, encryption (in transit and at rest), data masking, secure configuration management
- Data protection frameworks (RBI, ISO 27001, GDPR) and technology governance

Experience Requirements:

- 3–4 years of relevant experience in DLP operations, incident management, and data protection governance, preferably within the Banking or BFSI sector.
- Hands-on experience with rule configuration, policy fine-tuning, and incident monitoring in enterprise-scale DLP environments.
- Experience in integrating DLP tools with third-party platforms (e.g., CASB, SIEM, Proxy, Endpoint Security).
- Proven experience in coordinating with vendors for incident handling, escalation, and closure.

Desired (Good to Have):

- Practical exposure to Microsoft 365 Security & Compliance Center, Netskope CASB/DLP, and McAfee/Trellix DLP.
- Understanding of cloud data protection, insider threat management, and data governance.
- Experience preparing secure configuration documents and performing risk assessments.
- Relevant certifications such as CompTIA Security+, CISM, CISA, or Netskope NCCSS.

Soft Skills:

- Strong analytical, investigative, and problem-solving skills.
- Excellent communication and stakeholder coordination abilities.
- Ability to manage vendors and cross-functional teams effectively.
- Attention to detail, ownership mindset, and commitment to process excellence.
- Ability to work under regulatory and operational pressure while maintaining accuracy and composure.
