Collinson Group is a global leader in driving loyalty and engagement for many of the world’s largest companies. Predominantly through the provision of travel related benefits within a market leading digital travel ecosystem. The group offers a unique blend of industry and sector specialists who together provide market-leading experience in delivering products and services across four core capabilities: Loyalty, Lifestyle Benefits and Insurance.

The group provides unrivalled insight and expertise around affluent consumers and frequent travelers, creating and delivering products and services now accessible to over 400m end consumers.

We have more than 25 years’ experience, with 28 global locations, servicing over 800 clients in 170 countries, employing 1,800 people.

We have been bringing innovation to the market since inception – from launching the first independent global VIP lounge access Programme, Priority Pass to being the first to sell direct travel insurance in the UK through Columbus Direct and creating the first loyalty agency of its kind in the travel sector with ICLP. Today we still invest heavily in innovation to ensure that we continue to deliver superior customer experiences.

Key clients include: Visa, Mastercard, American Express, Cathay Pacific, British Airways, LATAM, Flying Blue, Accor, EasyJet, HSBC, Chase, HDFC.

Our mission is focused on doing good beyond profit, which for us means we seek out opportunities for our people to share in our success and that we give back to the communities and people within which we work.

Never short of ambition, the success of our business is delivered through the diverse and talented team of over 1,800 colleagues globally.

Purpose of the job

We are looking for a skilled and proactive Sr. Data Loss Prevention (DLP) Analyst to join our Security Operations team. This role focuses on protecting sensitive data across endpoints, cloud services, and email channels by managing and evolving our DLP technologies, policies, and controls. You will be a key influencer to the design and enforcement of security policies and conditional access, working closely with internal stakeholders to safeguard information and support regulatory compliance.

• Key Responsibilities

• Monitor and investigate DLP alerts generated by Microsoft Purview, Egress, and endpoint agents across Intune (Windows) and JAMF (macOS).
• Administer and maintain DLP tools and technologies, ensuring they are configured correctly and functioning as intended.
• Analyse incidents to determine true positives, identify root causes, and recommend remediation actions.
  
• Define, implement, and review DLP policies, data classification, and conditional access rules to ensure alignment with business needs, regulatory requirements and to stay current with evolving threats and industry standards.
• Lead discussions with Information Security, Compliance, Legal, HR, and IT to identify and mitigate data handling risks.
• Conduct periodic reviews of data movement patterns and access controls to ensure ongoing policy effectiveness.
  
• Maintain security configurations in Microsoft Intune and JAMF Pro to support DLP enforcement at the endpoint level.
• Lead the development and execution governance and lifecycle of security policies, including documentation, change control, exception handling, and awareness efforts.
• Responsible for audit and compliance reporting for data protection controls and assist with incident investigations involving potential data exposure.
  
• Develop and maintain a playbook for data leakage scenarios, policy violations, and insider threat alerts.
• Training and Awareness: Develop and conduct training sessions and awareness programs to educate employees on data security best practices and the importance of adhering to DLP policies.
• Hybrid role, with occasional after-hours support for incident response or high-severity investigations.
• Participation in on-call rotations may be required for DLP-related incidents.
  

Knowledge, skills and experience required

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field, or equivalent experience.
• 7+ years of experience in cybersecurity, with at least 5 years focused on Data Loss Prevention.
• Hands-on experience with Microsoft Purview DLP, Egress, Microsoft Intune, and JAMF Pro preferred.
• Strong understanding of data classification, endpoint protection, email encryption, and cloud DLP.
• Familiarity with conditional access policies, Microsoft Entra ID (Azure AD), and Zero Trust principles.
• Working knowledge of security frameworks and regulatory standards (e.g., GDPR, HIPAA, ISO 27001, PCI-DSS).
• Relevant security certifications (e.g., Microsoft SC-400, SC-300, CompTIA Security+, CISSP, CISM, CDPSE, GIAC) are highly desirable.
• 5+ years of experience in a Security Operations Center (SOC) or with SIEM integration for DLP events.
• Knowledge of insider risk detection, UEBA, or behavioural analytics.
• Experience collaborating in cross-functional global teams on policy development or risk mitigation.

Benefit plan including but not limited to:

• Medical, dental, life insurance for employees
• Meal voucher
• Transportation or parking voucher
• Priority Pass membership
• Home office 3x a week
• Work from anywhere for 8 weeks

Collinson is an equal opportunity employer and welcomes differences in all their forms including: color, race, ethnicity, gender identity, sexual orientation, neurodivergence, family status, age, individuals with disabilities and people from all backgrounds, cultures and experiences as we strongly believe this contributes to our on-going success.

We are focused on continually evolving our purpose driven, high performing culture, providing an environment where our people have the opportunity to achieve their full potential and do interesting and meaningful work. Our company values are: Act smarter, Do the right thing, One team and Be insight led. These help guide everything we do internally in terms of how we think, act and interact, right through to how we deliver value to our customers and clients.

In your application, please feel free to note which pronouns you use (For example - she/her/hers, he/him/his, they/them/theirs, etc.).