Job Summary
This role is responsible for driving pre-sales activities focused on Governance, Risk, and Compliance (GRC) security solutions, ensuring alignment with client requirements and organizational objectives. The individual leads large-scale, complex operations, providing expert guidance in security solution design, proposal development, and process optimization, while fostering innovation and empowering teams to exceed client expectations.
Data Security Posture Management (DSPM) Consultant
Key Responsibilities
1. Lead the development of security pre-sales solutions by leveraging Security Pre-sales and GRC frameworks, ensuring alignment with client requirements and business objectives.
2. Utilize security risk assessment tools and GRC platforms to analyze client environments, identify gaps, and recommend tailored risk mitigation strategies.
3. Oversee the preparation and delivery of security solution proposals, presentations, and RFP responses using industry-standard security and GRC methodologies.
4. Drive process improvements in pre-sales operations by implementing best practices in security solution design, workflow automation, and management reporting.
5. Mentor and guide pre-sales consultants and product management teams in the application of security standards, regulatory compliance requirements, and solution positioning.
6. Engage with internal teams to promote innovation in security pre-sales offerings, introducing new tools and approaches to enhance service delivery and client satisfaction.
7. Ensure effective communication of project goals, solution benefits, and technical details to both technical and non-technical stakeholders.
We are seeking a DSPM Consultant to join our Data Security Practice, supporting enterprise clients in designing, implementing, and optimizing data security solutions across hybrid and multi-cloud environments. The successful candidate will have experience implementing Data Security Posture Management (DSPM) solutions. The role also includes working with Microsoft Purview as the enterprise Data Loss Prevention (DLP) and information protection platform to help clients discover, classify, protect, and govern sensitive data. This is a client-facing consulting role requiring strong technical expertise, problem-solving skills, and the ability to translate business and regulatory requirements into effective data security solutions.
Skill Requirements
1. Excellent Knowledge Of Security Technologies, Grc Platforms (Such As Archer, Servicenow Grc), And Security Operations Processes.
2. Advanced Skills In Developing And Presenting Security Solution Proposals, Including Technical Documentation And ExecutiveLevel Presentations.
3. Excellent Communication, Stakeholder Management, And Leadership Skills, With The Ability To Drive HighImpact Initiatives And Mentor Teams.
4. Strong Analytical And ProblemSolving Abilities In The Context Of Security And Grc Operations.
Design, implement, and support enterprise Data Security Posture Management (DSPM) solutions. Configure and optimize DSPM platforms Implement and enhance Data Security and DSPM capabilities for: Data Loss Prevention (DLP) Sensitivity labeling Information protection Data classification and governance including AI data classification Perform enterprise-wide data discovery, classification, and sensitive data mapping. Assess data security posture and identify risks related to: Sensitive data exposure Excessive user permissions Misconfigured cloud storage Shadow data Develop and implement data classification frameworks for regulated and sensitive information (PII, PHI, PCI, intellectual property, and financial data). Collaborate with security, cloud, infrastructure, and data teams to design and implement remediation strategies. Integrate DSPM solutions with cloud platforms, identity services, and security monitoring tools. Conduct client workshops, technical assessments, architecture reviews, and solution demonstrations. Produce technical documentation, implementation guides, and executive-level reports. Support compliance initiatives aligned with industry standards and regulatory requirements. Partner with DSPM, DLP, and Cloud teams to design discovery, classification, and remediation workflows for sensitive data. Develop program-level metrics and dashboards (coverage, classification rates, incidents, false‑positive trends). Drive cross-functional engagement with Legal, Privacy, JJT, business units, and vendors to ensure compliance and adoption. Design and deliver training and awareness programs for privileged users, exception users, and business stakeholders. Create and maintain runbooks, SOPs, test plans, and technical documentation,lead policy and control testing. Support incident response for data-related events and lead post-incident remediation and lessons-learned activities. Deliver project plans, timelines, and storyboards for workstreams and operational enhancements; produce step‑by‑step guides, FAQs, and training materials. Produce monthly and quarterly status reports, gather stakeholder feedback, and highlight milestones, risks, issues, and opportunities.
Other Requirements
1. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) � optional but valuable.
2. Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Auditor (CISA) � optional but valuable
Required Qualifications Experience implementing or supporting enterprise data security and data protection solutions. Hands-on experience with one or more DSPM platforms Preferred experience with DSPM, Microsoft Purview, Zscaler including DLP, sensitivity labels, and information protection. Knowledge of data discovery, classification, and governance principles. Experience working with cloud platforms such as AWS, Azure, or Google Cloud. Understanding of identity and access management concepts and cloud security best practices. Familiarity with enterprise security technologies, including SIEM, IAM, and DLP solutions. Strong analytical, troubleshooting, and communication skills. Experience working directly with business stakeholders and technical teams. Preferred Qualifications Experience delivering enterprise security or data protection consulting engagements. Knowledge of privacy and compliance frameworks such as GDPR, HIPAA, PCI DSS, or ISO 27001. Experience with complementary technologies such as Microsoft Defender, Microsoft 365 Security, or cloud-native security services. Industry certifications such as CISSP, CISM, CCSP, Microsoft Security certifications (SC-400, SC-100), or equivalent. Core Competencies Data Security Posture Management (DSPM) Data Discovery and Classification Microsoft Purview (DLP & Information Protection) Cloud Data Security (AWS, Azure, Google Cloud) Data Governance Risk Assessment and Remediation Identity and Access Management (IAM) Client Consulting and Solution Delivery Technical Documentation and Stakeholder Communication