What you will do:
• Develop and maintain a comprehensive DLP strategy aligned with business objectives and regulatory requirements.
• Define policies and standards for data protection and handling across the enterprise.
• Establish governance for monitoring and reporting on DLP effectiveness.
• Implement and manage DLP tools and technologies (, Microsoft Purview, Symantec, Forcepoint).
• Configure and optimize DLP policies for endpoints, email, cloud, and network channels.
• Monitor alerts, investigate incidents, and coordinate remediation actions.
• Identify and mitigate risks related to data leakage and insider threats.
• Ensure compliance with GDPR, ISO 27001, PCI DSS, and other relevant frameworks.
• Maintain audit readiness and provide evidence for internal and external reviews.
• Collaborate with IT, Security, and Business teams to embed DLP controls into processes.
• Provide training and awareness to reduce human-related data loss risks.
• Stay updated on emerging threats, technologies, and best practices in data protection.
• Introduce automation and analytics to enhance DLP efficiency and incident response.
And... we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns.
What you will need:
• A minimum of 10 years of experience in information security or data protection.
• Capability for managing DLP programs and technologies ( network, endpoint, email, cloud etc)
• Hands-on experience with DLP tools and integration with SIEM/SOC workflows.
• Excellent analytical, problem-solving, and communication skills.
• Ability to lead investigations and coordinate cross-functional teams.
• Building and maintaining DLP policies and use cases driven by risk assessments
• Designing and testing DLP incident response playbooks for both malicious and accidental events.
• Defining relevant metrics and reporting for governance meetings
• Strong understanding of data protection principles ( UK GDPR), encryption, and regulatory compliance ( FCA/PRA rules)
• Knowledge of Office 365 / Purview and Varonis preferred, but not essential.
• Experience of undertaking risk assessments, threat modelling and data flow mappings.
• Experience of utilising DLP controls to manage
• Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders
Our promise to you…
• We will make sure that you are well-rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts!
• We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!