Cyber Security Manager - Data Protection

AXA GBS MOROCCO

Present in Morocco since 2009, AXA GBS MOROCCO ( Ex- AXA Group Operations Morocco) is an offshoring entity. With more than 300 employees and its various centers of expertise operating in the fields of IT, Project Management, Finance and Human Resources, AXA GBS MOROCCO supports AXA entities in carrying out its mission.

Mission

The Manager - Data Protection is responsible for the strategic and operational leadership of the organization’s Data Loss Prevention (DLP) program. This role ensures that sensitive data is identified, classified, and protected from unauthorized access, leakage, or misuse across all digital channels. The manager will lead a team of DLP specialists and collaborate with cross-functional stakeholders to embed data protection into business processes and technologies.

Key Responsibilities

* Lead the design, deployment, and continuous improvement of DLP solutions across endpoints, email, cloud, and network environments.
* Define and maintain DLP policies, detection rules, and incident response workflows aligned with business risk appetite and regulatory requirements.
* Oversee daily monitoring of DLP alerts, ensuring timely triage, investigation, and resolution of incidents.
* Conduct root cause analysis of data leakage events and drive corrective actions.
* Collaborate with IT, HR, Legal, and Compliance to define data classification schemes and enforce secure data handling practices.
* Develop and deliver training and awareness programs to promote a culture of data protection.
* Produce regular reports and dashboards on DLP effectiveness, incident trends, and risk exposure for executive stakeholders.
* Stay abreast of emerging technologies, insider threat tactics, and regulatory changes impacting data protection.
* Conduct performance reviews, set development goals, and provide coaching.
* Manage team capacity, workload distribution, and resource planning.
* Drive recruitment, onboarding, and continuous training efforts.

Technical Skills

* Proficiency with enterprise DLP platforms (e.g., Microsoft Purview, Symantec DLP, Forcepoint).
* Experience with endpoint protection and email security integration.
* Familiarity with SIEM/SOAR platforms (e.g., Splunk, Microsoft Sentinel).
* Understanding of data classification frameworks and content inspection techniques.
* Knowledge of cloud security controls (e.g., Microsoft 365, Azure Information Protection).
* Experience in data governance and compliance frameworks, ensuring adherence to industry standards.

People Management Skills

* Strong leadership and team-building skills with a focus on coaching and development.
* Excellent communication and interpersonal skills, with the ability to influence across technical and non-technical audiences.
* High emotional intelligence, integrity, and discretion in handling sensitive data.
* Strategic thinking, problem-solving, and decision-making under pressure.
* Adaptability and resilience in a fast-paced, evolving threat landscape.
* Collaborate with internal stakeholders to understand their data protection needs and provide tailored DLP solutions that meet those requirements.
* Establish and implement a governance framework in collaboration with partners to ensure effective follow-up on operational activities, sourcing requests, budget management, and risk oversight.

Qualifications

* Advanced degree in Information Security, Computer Science, or a related field.
* Minimum 5 years of experience in cybersecurity, with at least 3 years in DLP or data protection roles.
* Relevant certifications (e.g., CISSP, CISM) are preferred.
* Proficiency in English, both written and spoken.