DLP Policy Specialist

We're seeking someone to join our Data Protection Controls team as a DLP Policy Specialist in Cyber to support the end-to-end Data Loss Prevention (DLP) policy life cycle, including policy creation, analysis, tuning and ongoing management.

• Contribute to the function through complex project tasks and initiatives.
• Interact regularly with team members and occasionally leadership on a range of topics.
• Policy Lifecycle Management:
  Design, deploy, and tune DLP policies. This includes regular hygiene reviews to audit and dismantle outdated exclusion processes, ensuring controls remain robust and relevant.
• Operational Tuning:
  Analyse incident telemetry to refine detection logic, significantly reducing false positives.
• Stakeholder & Vendor Liaison:
  Collaborate with business stakeholders to translate data protection requirements into technical controls. Partner with external vendors to resolve product bugs and stay aligned with their technology roadmaps.
• Continuous Improvement:
  Identify opportunities to improve DLP processes, workflows, and stakeholder engagement, contribute to automation, standardization, and documentation initiatives and participate in knowledge transfer, training, and process updates.
• Compliance & Control Support:
  Ensure DLP operations align with internal data protection policies and external regulations and assist in remediation activities for identified policy gaps or control deficiencies.

• Ability to process information, translate into plans and present summaries to stakeholders.
• Experienced understanding of business line and discipline.
• Strong understanding of DLP concepts: data classification, sensitive data types, policy rules, and enforcement.
• Experience analysing alerts, tuning policies, and interpreting data protection risks.
• Strong analytical and problem‑solving skills.
• Clear written and verbal communication
  - Ability to manage multiple priorities in a control driven environment.
• Collaborative Mindset:
  Ability to work effectively within the broader Cyber division to unblock technical hurdles and scale data protection efforts.
• At least 4 years' relevant experience would generally be expected to find the skills required for this role.

Morgan Stanley is an equal opportunity employer committed to building and maintaining a workforce that is diverse in experience and background. Our recruiting efforts reflect our strong commitment to a culture of inclusion, where individuals are hired, developed, and advanced based on their skills and talents. For more information, please visit: