L3 Data Classification Engineer

Location & Working Model

Riyadh, on-site (Sun–Thu, business hours) with occasional change windows and P1 escalation support.

Own the environment’s enterprise data classification program with Fortra Titus as the primary platform. You’ll design the label taxonomy, engineer enforcement across Windows and Microsoft 365 apps, integrate classification metadata with Forcepoint DLP and Seclore DRM
, drive adoption, and guarantee evidence and change hygiene aligned. You’ll be the final escalation for classification issues, mentor L2 engineers, and lead audits for Data Security controls. Fortra Titus labeling improves downstream DLP accuracy and governance when implemented correctly.

• Primary: Fortra Titus Data Classification Suite (DCS) for Windows & Microsoft Office/Outlook (policy manager, client add-ins, enforcement, audit).
  Integrations:
  Forcepoint DLP (consume Titus tags/metadata in policies),
  Seclore DRM (rights templates driven by classification), SIEM for audit events.
• Adjacent toolset: Forcepoint DLP (Email/Host), Seclore DRM,
  Imperva DAM
  , Trend Micro (Apex One / Scan Mail),
  Carbon Black EDR
  , Tripwire/FIM
  , OPSWAT Meta Defender Kiosk
  , Data Patrol Watermark
  , Nexthink (analytics).

Architecture & Program Ownership

• Define and maintain the classification taxonomy (labels, markings, handling rules, exceptions) and publish through Titus Policy Manager (SaaS/on-prem).
• Engineer user-driven and automatic classification in Office/Outlook with mandatory prompts and save/send enforcement; ensure consistent persistent metadata for downstream controls.
• Map/align Titus fields with Microsoft sensitivity labels where required (coexistence scenarios).

Integration & Control Efficacy

• Integrate Titus metadata into Forcepoint DLP detection and actions; drive policy tuning to reduce false positives/negatives.
• Orchestrate Seclore DRM policy/rights templates based on classification; ensure protected files remain discoverable by DLP/CASB/SEG where feasible.
• Ensure SIEM onboarding for classification and enforcement events; maintain dashboards and KPIs.

Operations, Change & Evidence

• Own configuration lifecycle (versioning, test → prod promotion, rollback plans) under ITIL Change; publish SOPs/runbooks and update knowledge articles.
• Drive agent/add-in coverage health (Windows and O365) with Nexthink/endpoint tooling; coordinate with Endpoint/Email teams for hygiene.

Adoption, Training & Communications

• Run adoption campaigns (targeted prompts, coaching, newsletters), partner with Compliance/Legal for business-friendly labels and retention guidance.

Incident Leadership & RCA

• Lead classification-related P1/P2 incidents (mislabeling, blocking, leakage workflows); perform RCA and implement preventive changes across Titus/DLP/DRM.

Compliance & Audit (SAMA/NCA)

• Map the classification control set and evidence (Data Security domain) and NCA ECC
  ; prepare audit-ready packs (tickets, approvals, logs, reports).

Required qualifications

• 7+ years in data protection, including 3+ years hands-on with Fortra Titus DCS at enterprise scale (taxonomy, Policy Manager, O365/Outlook enforcement).
• Proven integration delivery with Forcepoint DLP and Seclore DRM (policies driven by Titus metadata).
• Strong Windows/O365 admin basics; experience with ITIL Change/Incident and evidence-quality documentation for regulated audits (banking).
• Comfortable collaborating across Data Protection, Email, Endpoint, DB Security, and SOC teams

Day-to-day (what you’ll actually do)

• Build and publish Titus configurations, update label sets/markings, and test enforcement before rollout.
• Tune Forcepoint DLP rules to reference Titus tags; manage exceptions with expiry and approvals.
• Coordinate with Seclore on classification-driven protection flows and ensure mail/file workflows remain usable and monitorable.
• Track KPIs: coverage %, label adoption %, DLP FP rate, exception backlog, and incident MTTR; publish weekly reports.
• Mentor L2 engineers; provide enablement for Service Desk and business champions.
• Keep everything evidence-ready for internal reviews and checks.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud disclaimer
:
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services. DXC does not make offers of employment via social media networks and never asks for money or equipment purchases from applicants. More information on employment scams is available here.