Information Protection Manager in Bucuresti

We’re JTI, Japan Tobacco International and we believe in freedom. We think that the possibilities are limitless when you’re free to choose. In fact, we’ve spent the last 20 years innovating, creating new and better products for our consumers to choose from. It’s how we’ve grown to be present in 130 countries. But our business isn’t just business. Our business is our people. Their talent. Their potential. We believe when they’re free to be themselves, grow, travel and develop, amazing things can happen for our business. That’s why our employees, from around the world, choose to be a part of JTI. It is why 87% of employees feel happy working at JTI. And why we’ve been awarded Global Top Employer status, eight years running. So when you’re ready to choose a career you’ll love, in a company you’ll love, feel free to #JoinTheIdea. Learn more: Department: Global ITLocation: Bucharest, Romania Reporting to: INFORMATION SECUR PROG & INTEGRATION DIRECTOR Role: Information Protection Manager Information Protection Manager Position Purpose: The Information Protection Manager position is a business-facing role that exists to work primarily with JTI business to protect the confidentiality and integrity of JTI critical information assets globally. Collaborating with technical teams to meet business needs to secure our journey to the company's 2030 vision. Developing the concept of data ownership with clear responsibilities to better secure our data, this person will define a simple and effective strategy to classify, identify, label, protect and monitor our critical data assets throughout their lifecycle. This person will be responsible to minimise the risk of data loss or corruption, by conducting risk assessments and making recommendations to ensure that critical or confidential data is adequately secured as a program of continuous improvements. Driving best practices in data protection through policy, procedure and education he/she will be responsible to identify opportunities to exploit existing capabilities and new technology offering to automate data protection controls. What will you do – Responsibilities: Develop an effective process in collaboration with relevant business stakeholders and DIT functions to identify, classify, label and protect JTI's most critical and confidential data. Ensure that data is protected wherever it resides throughout its lifecycle within the DIT ecosystems In collaboration with Data Privacy and Data Governance functions, ensure the right security policies, guidelines and standards defining appropriate data security controls in relation to data management and privacy are implemented and operated effectively Responsible to implement policies and controls to detect and minimize the risk of data loss of JTI critical data assets. Ensure the MS Purview compliance capabilities for DLP, and insider risk management are implemented according to organizational requirements and focus on continuous improvements Produce key measurements of information /data protection controls effectiveness and performance to provide assurance to senior management of JTI's strengthening security posture. Who are we looking for – Requirements: University degree in Computer Engineering, Information Systems, or related field or relevant experience 5-7 years of experience of multi-disciplinary Information Security and Information Technology experiences. IT data security controls and governance is a plus Strong understanding of common best practices, frameworks and regulations (NIST 800-53, ISO 27001 GDPR, etc.) Broad background with data security concepts, tools, techniques and methodologies Experience in Data protection and privacy regulations including GDPR Hands-on experience with Microsoft Purview Compliance suite including Information Protection(MIP) and Data Loss Prevention(DLP) Hands-on experience in Azure Cloud technology and security Good awareness of digital technology trends and the associated risks to data management Demonstrated track record of efficient and scaled delivery Microsoft MS-900, MS-500 certifications CISM / CISSP qualification will be a plus Strong time management skills Strong communication and analytical skills Recruitment process: Thank you very much for your interest in the role. You are welcome to apply.