The Company

WTW is an award-winning advisory, broking and solutions company that helps clients around the world turn risk into a path for growth.

From the Titanic ship in 1912 to The Moon Buggy in 1971, WTW has a richness in [insurance] history dating back to 1828.

Our WTW Regional Delivery Hub based in the heart of Lisbon - encompasses a +175 strong global team of who deliver operational excellence through innovation and streamlined solutions every single day.

The Role

We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for a highly skilled and experienced Insider Threat Engineer.

As part of the Cyber Defence department, this role will work in the Insider Threat engineering function, a geographically and culturally diverse team of engineers who ensure the effective operation of our Insider Risk Management (IRM) and DLP (Data Loss Prevention) platforms. Reporting to the L3 Insider Threat Engineering Manager, the L2 Insider Threat Engineer role is critical to the success of the Insider Threat and DLP capability within WTW.

This role would suit those with a background in troubleshooting, administering and implementing IRM and DLP technologies, and with technical experience of the Microsoft Security stack with a focus on Purview DLP, IRM and Defender.

As the L2 Insider Threat Engineer, the primary responsibilities will be:

• Responsible for implementing, maintaining, and troubleshooting the IRM and DLP technologies, policies and rules used in WTW.

• Work closely with the L3 Insider Threat Engineering Manager to develop, implement, and refine rules and policies to help prevent data loss and protect sensitive information across the organisation.

• Ensure that DLP and IRM policies are fine-tuned and matured to reduce the number of false positives.

• Collaborate with cross-functional teams, including IT, Cyber Security, HR, legal, and compliance, to define data protection and insider risk requirements, policies and standards.

• Act as an escalation point for the L1 Insider Threat Engineers.

• Contribute to regular assessments of the Insider Threat Engineering function to identify areas for continuous improvement.

• Contribute to regular reports and updates to management on the performance and effectiveness of the IRM and DLP technologies.

• Identify trends and requirements aimed at improving and enhancing existing DLP and IRM policies, and report this upward through the security management chain.

• Provide guidance, coaching and support to L1 Insider Threat Engineers.

• Stay current with emerging IRM and DLP technologies in the cyber security landscape.

Secondary responsibilities

• Be an integral part of projects that enhance insider threat and data protection policies and standards.

• Other relevant tasks as designated by the Global Head of Insider Threat and L3 Insider Threat Engineering Manager.

The Requirements

What you will need:

• It is essential that you have experience implementing, troubleshooting and administering Insider Threat and DLP technologies in a global enterprise organisation.

• A solid engineering knowledge of the Microsoft Security stack, in particular Purview DLP, IRM and Defender.

• Relevant Microsoft qualifications in Purview DLP, IRM and Defender.

• Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA).

• Strong analytical problem-solving skills.

• Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organization.

• Must be self-motivated and capable of independent work.

Beneficial:

• Previous experience of deploying the Microsoft Insider Risk Management module within a global enterprise organisation.

• Hands-on experience with KQL and PowerShell.

• Industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Privacy Professional (CIPP)

What’s in it for you?

In WTW, you’ll find a professional yet friendly and easy-going environment in an office based in a fast-growing European capital. Come join a team of dynamic and motivating colleagues!

In addition to our attractive remuneration package, we offer:

Work-life balance. Mobile working or in the office? Flexible working hours? Sure, no problem. Hybrid working is more than just a buzzword for us.

Monetary benefit. An attractive, performance-related remuneration system.

Internationality. An international management consultancy and the security of a global corporation with renowned customers.

Development opportunities. A steep learning curve and sufficient freedom for individual career development: You will dive deep into a variety of topics, both on-the-job and in intensive specialist training.

Cooperation. Learning from each other and making decisions together, collegial, appreciative, and dynamic.

Customer contact. Quickly take responsibility.

Corporate events. Together we celebrate our successes and our community.

Willis Towers Watson is an equal opportunity employer