Data Loss Prevention Specialist

Permanent contract|Montreal|Information Technology

Data Loss Prevention Specialist

Montreal, Canada Permanent contract Information Technology


The Data Loss Prevention Specialist for Société Générale is responsible for the delivery of DLP missions in the Americas region to ensure security controls are functioning both effectively and efficiently. This position requires hands-on engagement as a security analysis and demands strong collaboration with global contributors at all levels of the organization. The role also requires the candidate to manage all aspects of their projects, lead contributors from globally distributed teams, and to regularly communicate updates to senior management.

The ideal candidate will have a solid understanding of DLP principles, security best practices (e.g. NIST, ISO), and key regulations applicable to a global financial services organization (e.g. NYDFS 500, GDPR).

Essential competencies include highly proactive and autonomous engagement, strong communication capabilities at all levels of the organization, and ability to influence without authority at both the regional and global level.

As a key member of the global Data & Cyber Security DLP team, the candidate will be involved in all facets of security controls planning, implementation, and operations. Key responsibilities include:

  • Management and operational execution and of DLP controls supporting the Americas region
  • Perform policy, process, and data analysis to assess requirements and identify control gaps
  • Define and implement solutions to align controls with defined risk tolerances
  • Independently develop project plans and drive transformational initiatives through delivery
  • Ensure solutions are strategically aligned, regulatorily compliant, sustainable, and make efficient use of organizational resources
  • Propose and secure support for both tactical and strategic risk mitigation recommendations
  • Lead coalition of project contributors from the global infrastructure, IT, and business teams
  • Provide continuous project status updates to sponsors, stakeholders, and senior management
  • Collaborate with DCS GRC, risk team, and auditors/regulators in risk assessment and mitigation
  • Establish and maintain strong levels of trust with both regional and global partners

Profile required

Knowledge & Experience Needed:

  • 7-10 years of experience in information security, data loss prevention and related security practices
  • Ability to effectively influence without authority
  • Strong communication, analytical, problem solving, and project management skills
  • Proficiency with Symantec DLP, Symantec CloudSOC, and related control policy management
  • Experience with the implementation of DLP controls on the public cloud
  • Experience working in a global context with a broad range of policies and procedures
  • Experience working with oversight teams (e.g. 2LOD, 3LOD) and external auditors/regulators
  • Understanding of application and data security principalse as well as systems programming, design, computer technology or software disciplines
  • Understanding of security regulatory requirements (e.g. NYDFS 500, GDPR), and industry frameworks/best practices (e.g. FFIEC, NIST, ISO)
  • Proficiency with Visio and MS Office suite tools (Excel, PowerPoint, Word)
  • French language skills (preferred)


  • Bachelor degree in Information Security, Computre Science, or related concentration
  • CISSP, CCSP, CCSK, CISM or related certification(s) required
  • Certified training in information security solutions and practices

Business insight

Data & Cyber Security (DCS) is globally responsible for securing and steering Information Security and Cybersecurity related risks for the Global Banking and Investor Solutions (GBIS) division and related Service Units. DCS is composed of diverse and talented professionals who translate ideas into action daily by combining the strength of its expertise with a deep understanding of GBIS and Service Unit needs.

The Digital Data Security and Protection (DSP) team within DCS is responsible for managing Identity & Access Management (IAM) and Data Loss Prevention (DLP) capabilities.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, sexual or gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Reference: 21000I59
Entity: SG CIB
Starting date: 2021/07/26
Publication date: 2021/06/07