Security Engineer

Established in 1928, Genuine Parts Company (GPC) is a leading global service organization specializing in the distribution of automotive and industrial replacement parts. GPC's commitment to innovation and technology is evident in the GPC Global Technology Center in Krakow, established in 2022. This center serves as a hub for research and development, supporting GPC's digital transformation efforts. The center's team of highly skilled IT engineers focuses on developing advanced technologies and solutions that enhance GPC's operations and growth. As we continue to scale and evolve, it has become increasingly critical for us to protect our data assets against both external and internal threats. As such, we're seeking an experienced Data Protection Engineer to join our IT security team and champion our data protection, insider threat management, and data classification endeavors. Responsibilities Data Protection: Design, implement, and maintain data protection solutions that safeguard the company's sensitive and critical data. Integrate and manage Data Loss Prevention (DLP) solutions to monitor and control data transferring across the company's computer network. Collaborate with cross-functional teams to develop a data protection framework and strategy, ensuring the security of data throughout its lifecycle. Insider Threat Management: Implement and maintain tools that detect, alert, and respond to suspicious or malicious activities that can result in data exfiltration or compromise. Regularly review and analyze system logs, access logs, and user activity to detect potential insider threats. Work closely with HR, legal, and other departments to establish procedures and policies for addressing potential insider threats. Data Discovery & Classification: Drive the deployment and management of data discovery tools across both structured and unstructured data sources. Collaborate with business units to accurately classify data based on its sensitivity and criticality. Define and maintain policies and procedures for consistent data classification and labeling. Stay abreast of industry trends, emerging threats, and best practices in data protection. Regularly review and update data protection policies, procedures, and technologies to address the evolving threat landscape. Requirements Minimum of 3 years of experience in data protection or security. Demonstrated expertise in insider threat management and data classification. Strong analytical and problem-solving abilities. Excellent communication and collaboration skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders. Familiarity with tools such as MS Purview, Code42, OneTrust, and Varonis would be a plus. Bachelor’s degree in computer science, Information Technology, or related field. Advanced degrees or certifications (e.g., CISSP, CISM, CDPSE) will be advantageous. Location Krakow/Hybrid #J-18808-Ljbffr