Emplois en direct

L3 Data Classification Engineer (Fortra Titus) — Advanced Support & Architecture

Location & Working Model:

Riyadh, on-site (Sun–Thu, business hours) with occasional change windows and P1 escalation support. Reports to the Security Delivery Lead. Saudi nationals preferred.

Job Summary:

Seeking an experienced candidate who owns the client’s enterprise data classification program with Fortra Titus as the primary platform. You’ll design the label taxonomy, engineer enforcement across Windows and Microsoft 365 apps, integrate classification metadata with Forcepoint DLP and Seclore DRM, drive adoption, and guarantee evidence and change hygiene aligned to SAMA CSF / NCA ECC. You’ll be the final escalation for classification issues, mentor L2 engineers, and lead audits for Data Security controls. Fortra Titus labeling improves downstream DLP accuracy and governance when implemented correctly.

Tool Stack & Scope:

• Primary: Fortra Titus Data Classification Suite (DCS) for Windows & Microsoft Office/Outlook (policy manager, client add-ins, enforcement, audit)

• Integrations: Forcepoint DLP (consume Titus tags/metadata in policies), Seclore DRM (rights templates driven by classification), SIEM for audit events

• Adjacent Toolset: Forcepoint DLP (Email/Host), Seclore DRM, Imperva DAM, Trend Micro (Apex One / ScanMail), Carbon Black EDR, Tripwire/FIM, OPSWAT MetaDefender Kiosk, Data Patrol Watermark, Nexthink (analytics)

Key Responsibilities:

Architecture & Program Ownership

• Define and maintain the classification taxonomy (labels, markings, handling rules, exceptions) and publish through Titus Policy Manager (SaaS/on-prem)

• Engineer user-driven and automatic classification in Office/Outlook with mandatory prompts and save/send enforcement; ensure consistent persistent metadata for downstream controls

• Map/align Titus fields with Microsoft sensitivity labels where required (coexistence scenarios)

Integration & Control Efficacy

• Integrate Titus metadata into Forcepoint DLP detection and actions; drive policy tuning to reduce false positives/negatives

• Orchestrate Seclore DRM policy/rights templates based on classification; ensure protected files remain discoverable by DLP/CASB/SEG where feasible

• Ensure SIEM onboarding for classification and enforcement events; maintain dashboards and KPIs

Operations, Change & Evidence

• Own configuration lifecycle (versioning, test ? prod promotion, rollback plans) under ITIL Change; publish SOPs/runbooks and update knowledge articles

• Drive agent/add-in coverage health (Windows and O365) with Nexthink/endpoint tooling; coordinate with Endpoint/Email teams for hygiene

Adoption, Training & Communications

• Run adoption campaigns (targeted prompts, coaching, newsletters), partner with Compliance/Legal for business-friendly labels and retention guidance

Incident Leadership & RCA

• Lead classification-related P1/P2 incidents (mislabeling, blocking, leakage workflows); perform RCA and implement preventive changes across Titus/DLP/DRM

Compliance & Audit (SAMA/NCA)

• Map the classification control set and evidence to SAMA CSF (Data Security domain) and NCA ECC; prepare audit-ready packs (tickets, approvals, logs, reports)

Required Qualifications:

• 5+ years in data protection, including 3+ years hands-on with Fortra Titus DCS at enterprise scale (taxonomy, Policy Manager, O365/Outlook enforcement)

• Proven integration delivery with Forcepoint DLP and Seclore DRM (policies driven by Titus metadata)

• Strong Windows/O365 admin basics; experience with ITIL Change/Incident and evidence-quality documentation for regulated audits (banking)

• Comfortable collaborating across Data Protection, Email, Endpoint, DB Security, and SOC teams

Good-to-Have / Certifications:

• Fortra/Titus administrator training or certifications

• Forcepoint DLP Admin

• Seclore training

• ITIL

• CISSP/CISM (preferred)

Success in First 90–180 Days:

• ?90% Titus add-in coverage on in-scope endpoints; ?80% of new Office docs/emails carry correct labels

• Forcepoint DLP policies actively consuming Titus metadata across Email/Endpoint; false-positive rate ?2% on agreed policies

• Seclore DRM rights templates mapped to top 5 data classes; encrypted/labelled content remains discoverable by DLP/SEG per design

• ?6 SOPs/runbooks (taxonomy governance, Office enforcement, integration to DLP/DRM, exception workflow, evidence pack, rollback); ?2 CAB changes executed with clean validation

• Audit-ready evidence mapped to SAMA CSF Data Security controls (policy docs, approvals, change/test results, dashboards)

Day-to-Day (What You’ll Do):

• Build and publish Titus configurations, update label sets/markings, and test enforcement before rollout

• Tune Forcepoint DLP rules to reference Titus tags; manage exceptions with expiry and approvals

• Coordinate with Seclore on classification-driven protection flows and ensure mail/file workflows remain usable and monitorable

• Track KPIs: coverage %, label adoption %, DLP FP rate, exception backlog, and incident MTTR; publish weekly reports

• Mentor L2 engineers; provide enablement for Service Desk and business champions

• Keep everything evidence-ready for internal reviews and SAMA/NCA checks

Halian Group:

With over 28 years of experience, we have come to understand that innovation is the only way to provide agile, practical solutions that transform businesses and careers.

Our resourcing and smart services help you to realize tomorrow’s potential. Discover the amazing things possible when you bring the right people and the right technologies together.

At Halian, we recognize that diversity, equity, and inclusion (DEI) are essential to building high-performing teams for our clients. We are committed to connecting organizations with top talent from all backgrounds, ensuring that every individual feels valued, respected, and empowered to contribute their unique perspectives. We encourage applications from all qualified candidates, regardless of race, gender, disability, or any other characteristic that makes them unique. By fostering diverse and inclusive workplaces, we help our clients drive innovation, enhance collaboration, and better reflect the communities they serve.

#LI-CA1