Senior Data Security Engineer

• Architect and implement Awin's data security framework in partnership with the Security Architect. Build and operationalise the classification taxonomy, sensitivity tiers, and data handling standards that will underpin all downstream DLP, DSPM, and AI governance controls
• Support the implementation of Awin's data classification programme —labelling policies, and classification coverage across all data environment where sensitive data is processed or stored
• Own the implementation of DLP policies that prevent sensitive data from being shared, exported, or transmitted in breach of Awin's confidentiality risk appetite. Define policy architecture, alert thresholds, and enforcement logic. Work with Internal IT on deployment and tuning, and maintain audit-ready records of DLP events and enforcement actions
• Operationalise data security posture management tooling to provide visibility and control over how sensitive data flows to AI tools and third-party services. Ensure that AI data governance controls are technically enforceable, supporting Awin's AI risk appetite statements and the requirements of the AI governance framework
• Act as the data security domain expert for the Security Architecture function. Work closely with the Security Architect to provide specialist input into architecture reviews, product designs, and technology assessments where data security considerations are material
• Engage directly with stakeholders to understand how sensitive data flows across the organisation, and to ensure that data security requirements integrate coherently with the broader data governance framework

• Demonstrable experience in a dedicated, senior data security role, with a proven track record of designing and implementing data classification frameworks and DLP programmes in complex, multi-cloud or hybrid environments
• Hands-on experience with DLP policy architecture, implementation, and tuning across endpoint, network, and cloud channels, including data classification tooling (sensitivity label schema, sensitive information types, auto-labelling policies)
• Solid understanding of cloud data environments — AWS, Azure, M365 — including where sensitive data resides and how it moves, and working knowledge of CASB concepts and how they complement DLP controls
• Experience engaging with data engineering, data architecture, or data governance teams, with sufficient breadth across data cataloguing, lineage, and access governance to position data security as an enabler rather than a constraint
• Exposure to security architecture processes — architecture reviews, reference architecture development, and architectural decision-making — and an understanding of how AI services handle and retain data, with awareness of AI governance and DSPM as an emerging area of responsibility
• Working knowledge of GDPR obligations and how regulatory requirements translate into technical controls
• Able to operate with a high degree of autonomy in ambiguous, evolving environments — this role is building a capability from a fragmented baseline and requires someone who can design, iterate, and adapt without waiting for direction
• Strong credibility with senior technical stakeholders and clear communication across audiences — able to engage as a peer with the Security Architect and data professionals, and translate complex requirements into practical guidance for non-technical stakeholders

Some familiarity with Microsoft Purview DataShield policy orchestration across hybrid environments would be helpful

• Flexi-Week and Work-Life Balance: We prioritise your mental health and well-being, offering you a flexible four-day Flexi-Week at full pay and with no reduction to your annual holiday allowance. We also offer a variety of different paid special leaves as well as volunteer days
• Remote Working Allowance: You will receive a monthly allowance to cover part of your running costs. In addition, we will support you in setting up your remote workspace appropriately
• Pension: Awin offers access to an additional pension insurance to all employees in Germany
• Flexi-Office: We offer an international culture and flexibility through our Flexi-Office and hybrid/remote work possibilities to work across Awin regions
• Development: We’ve built our extensive training suite Awin Academy to cover a wide range of skills that nurture you professionally and personally, with trainings conveniently packaged together to support your overall development
• Appreciation: Thank and reward colleagues by sending them a voucher through our peer-to-peer program