Senior Data Loss Prevention (DLP) Analyst

Collinson is the global privately-owned company dedicated to helping the world to travel with ease and confidence. The group offers a unique blend of industry and sector specialists who together provide market-leading airport experiences loyalty and customer engagement and insurance solutions for over 400 million consumers.

Collinson is the operator of Priority Pass the worlds original and leading airport experiences programme. Travellers can access a network of 1500 lounges and travel experiences including dining retail sleep and spa in over 650 airports in 148 countries helping to elevate the journey into something special. We work with the worlds leading payment networks over 1400 banks 90 airlines and 20 hotel groups worldwide.

We have been bringing innovation to the market since inception from launching the first independent global VIP lounge access Programme Priority Pass to being the first to sell direct travel insurance in the UK through Columbus Direct and creating the first loyalty agency of its kind in the travel sector with ICLP. Today we still invest heavily in innovation to ensure that we continue to deliver superior customer experiences.

Key clients include Mastercard American Express Cathay Pacific British Airways LATAM Flying Blue Accor EasyJet HSBC Chase HDFC.

Our mission is focused on doing good beyond profit which for us means we seek out opportunities for our people to share in our success and that we give back to the communities and people within which we work.

Never short of ambition the success of our business is delivered through the diverse and talented team of over 2200 global colleagues.

Purpose of the job

We are looking for a skilled and proactive Sr. Data Loss Prevention (DLP) Analyst to join our Security Operations team. This role focuses on protecting sensitive data across endpoints cloud services and email channels by managing and evolving our DLP technologies policies and controls. You will be a key influencer to the design and enforcement of security policies and conditional access working closely with internal stakeholders to safeguard information and support regulatory compliance.

Key Responsibilities

• Monitor and investigate DLP alerts generated by Microsoft Purview Egress and endpoint agents across Intune (Windows) and JAMF (macOS).
• Administer and maintain DLP tools and technologies ensuring they are configured correctly and functioning as intended.
• Analyze incidents to determine true positives identify root causes and recommend remediation actions.
• Define implement and review DLP policies data classification and conditional access rules to ensure alignment with business needs regulatory requirements and to stay current with evolving threats and industry standards.
• Lead discussions with Information Security Compliance Legal HR and IT to identify and mitigate data handling risks.
• Conduct periodic reviews of data movement patterns and access controls to ensure ongoing policy effectiveness.
• Maintain security configurations in Microsoft Intune and JAMF Pro to support DLP enforcement at the endpoint level.
• Lead the development and execution governance and lifecycle of security policies including documentation change control exception handling and awareness efforts.
• Responsible for audit and compliance reporting for data protection controls and assist with incident investigations involving potential data exposure.
• Develop and maintain a playbook for data leakage scenarios policy violations and insider threat alerts.
• Training and Awareness: Develop and conduct training sessions and awareness programs to educate employees on data security best practices and the importance of adhering to DLP policies.
• Hybrid role with occasional after-hours support for incident response or high-severity investigations.
• Participation in on-call rotations may be required for DLP-related incidents.

Knowledge skills and experience required

• Bachelors degree in Cybersecurity Information Technology or a related field or equivalent experience.
• 7 years of experience in cybersecurity with at least 5 years focused on Data Loss Prevention.
• Hands-on experience with Microsoft Purview DLP Egress Microsoft Intune and JAMF Pro preferred.
• Strong understanding of data classification endpoint protection email encryption and cloud DLP.
• Familiarity with conditional access policies Microsoft Entra ID (Azure AD) and Zero Trust principles.
• Working knowledge of security frameworks and regulatory standards (e.g. GDPR HIPAA ISO 27001 PCI-DSS).
• Relevant security certifications (e.g. Microsoft SC-400 SC-300 CompTIA Security CISSP CISM CDPSE GIAC) are highly desirable.
• 5 years of experience in a Security Operations Center (SOC) or with SIEM integration for DLP events.
• Knowledge of insider risk detection UEBA or behavioral analytics.
• Experience collaborating in cross-functional global teams on policy development or risk mitigation.

Person Specification

• Strong analytical communication and incident investigation skills.
• Ability to manage sensitive information with discretion and professionalism.
• Ability to work effectively in a global team-oriented environment collaborating with colleagues to achieve common goals.

Collinson is an equal opportunity employer and welcomes differences in all their forms including: colour race ethnicity gender identity sexual orientation neurodivergence family status age individuals with disabilities and people from all backgrounds cultures and experiences as we strongly believe this contributes to our on-going success.

We are focused on continually evolving our purpose driven high performing culture providing an environment where our people have the opportunity to achieve their full potential and do interesting and meaningful work. Our company values are: Take Action Do the right thing One team and Be insight led. These help guide everything we do internally in terms of how we think act and interact right through to how we deliver value to our customers and clients.

In your application please feel free to note which pronouns you use (For example - she/her/hers he/him/his they/them/theirs etc).