Job Description

IT Security C&T is an innovative, fast-growing security consulting and training company. Our management team combined with our consultants and engineers work together to deliver comprehensive security solutions to our customers around the MENA region.

IT Security C&T is continuously expanding its team of qualified professionals for a wide range of opportunities. Interested candidates are required to apply via our Career webpage on our website (www.itsecurityct.com)

Own the environment’s enterprise data classification program with Fortra Titus as the primary platform. You’ll design the label taxonomy, engineer enforcement across Windows and Microsoft 365 apps, integrate classification metadata with Forcepoint DLP and Seclore DRM, drive adoption, and guarantee evidence and change hygiene aligned to SAMA CSF / NCA ECC You’ll be the final escalation for classification issues, mentor L2 engineers, and lead audits for Data Security controls. Fortra Titus labeling improves downstream DLP accuracy and governance when implemented correctly

Tool stack & scope (primary → adjacent)

• Primary: Fortra Titus Data Classification Suite (DCS) for Windows & Microsoft Office/Outlook (policy manager, client add-ins, enforcement, audit). Integrations: Forcepoint DLP (consume Titus tags/metadata in policies), Seclore DRM (rights templates driven by classification), SIEM for audit events.
• Adjacent toolset: Forcepoint DLP (Email/Host), Seclore DRM, Imperva DAM, Trend Micro (Apex One / ScanMail), Carbon Black EDR, Tripwire/FIM, OPSWAT MetaDefender Kiosk, Data Patrol Watermark, Nexthink (analytics).

Key responsibilities

Architecture & Program Ownership

• Define and maintain the classification taxonomy (labels, markings, handling rules, exceptions) and publish through Titus Policy Manager (SaaS/on-prem).
• Engineer user-driven and automatic classification in Office/Outlook with mandatory prompts and save/send enforcement; ensure consistent persistent metadata for downstream controls.
• Map/align Titus fields with Microsoft sensitivity labels where required (coexistence scenarios).

Integration & Control Efficacy

• Integrate Titus metadata into Forcepoint DLP detection and actions; drive policy tuning to reduce false positives/negatives.
• Orchestrate Seclore DRM policy/rights templates based on classification; ensure protected files remain discoverable by DLP/CASB/SEG where feasible.
• Ensure SIEM onboarding for classification and enforcement events; maintain dashboards and KPIs.

Operations, Change & Evidence

• Own configuration lifecycle (versioning, test → prod promotion, rollback plans) under ITIL Change; publish SOPs/runbooks and update knowledge articles.
• Drive agent/add-in coverage health (Windows and O365) with Nexthink/endpoint tooling; coordinate with Endpoint/Email teams for hygiene.

Adoption, Training & Communications

• Run adoption campaigns (targeted prompts, coaching, newsletters), partner with Compliance/Legal for business-friendly labels and retention guidance.

Incident Leadership & RCA

• Lead classification-related P1/P2 incidents (mislabeling, blocking, leakage workflows); perform RCA and implement preventive changes across Titus/DLP/DRM.

Compliance & Audit (SAMA/NCA)

• Map the classification control set and evidence to SAMA CSF (Data Security domain) and NCA ECC; prepare audit-ready packs (tickets, approvals, logs, reports).

Qualifications

Required qualifications

• Saudi national. Bachelor’s degree or equivalent experience.
• 7+ years in data protection, including 3+ years hands-on with Fortra Titus DCS at enterprise scale (taxonomy, Policy Manager, O365/Outlook enforcement).
• Proven integration delivery with Forcepoint DLP and Seclore DRM (policies driven by Titus metadata).
• Strong Windows/O365 admin basics; experience with ITIL Change/Incident and evidence-quality documentation for regulated audits (banking).
• Comfortable collaborating across Data Protection, Email, Endpoint, DB Security, and SOC teams.

Nice-to-have / Certifications

• Fortra/Titus administrator training or certifications; Forcepoint DLP Admin; Seclore training; ITIL; CISSP/CISM (preferred).

Additional Information

Job Location: KSA