Data Protection Lead at Nebius

Amsterdam, NetherlandsFull-timeCorporate and Cyber SecurityPosted 15 days ago

About the Role

<div class="content-intro">About Nebius: Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure. Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI. Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.</div><h4>The Role</h4> We are seeking an experienced Data Protection Lead to join the Cyber Security organization, reporting to the Head of Security Engineering under the CISO. This role is responsible for leading the organization’s data protection domain, with a focus on data discovery, classification, and data loss prevention (DLP) across corporate and cloud environments. You will define and drive data protection strategy, implement controls to protect sensitive data across its lifecycle, and ensure visibility into where data resides and how it is used. The role requires close collaboration with Security, IT, Engineering, Product, and GRC teams to reduce data exposure risks and enforce strong data governance practices. Key Responsibilities <ul> <li>Lead and own the organization’s data protection domain, including strategy, standards, and implementation</li> <li>Drive data discovery initiatives to identify sensitive data across databases, SaaS applications, endpoints, and cloud environments</li> <li>Define and implement data classification frameworks, labeling standards, and data handling policies</li> <li>Design and implement data loss prevention (DLP) controls across endpoints, email, SaaS, network, and cloud platforms</li> <li>Ensure protection of sensitive data across its lifecycle, including storage, processing, and transfer</li> <li>Lead implementation and optimization of data security technologies (e.g., DLP, DSPM, CASB/SSE, data classification tools)</li> <li>Define and enforce data access governance, including least privilege and monitoring of sensitive data access and usage</li> <li>Monitor and investigate data-related risks, exposures, and policy violations in collaboration with SOC and Security teams</li> <li>Conduct risk assessments and identify gaps in data protection controls across systems and business processes</li> <li>Support compliance and regulatory requirements (e.g., GDPR, ISO 27001, SOC 2) related to data security and privacy</li> <li>Collaborate with Engineering, IT, Product, and GRC teams to embed data security controls into systems and workflows</li> <li>Maintain documentation, standards, and guidelines for data security practices</li> </ul> Required Skills & Experience <ul> <li>6+ years of experience in cyber security, with a focus on data security, data protection, or information security</li> <li>Hands-on experience with data discovery, classification, and DLP solutions</li> <li>Strong understanding of data lifecycle management and data security principles</li> <li>Experience securing data across cloud environments and SaaS platforms</li> <li>Experience implementing and managing data classification and labeling frameworks</li> <li>Strong understanding of identity and access management and data access controls</li> <li>Experience working with data security tools (e.g., Microsoft Purview, Netskope, Symantec DLP, etc.)</li> <li>Experience working cross-functionally with Security, IT, Engineering, Product, and GRC teams</li> <li>Strong analytical and problem-solving skills</li> <li>Excellent written and verbal communication skills in English</li> <li>Strong analytical and problem-solving mindset</li> <li>Ability to communicate data security risks clearly to technical and non-technical stakeholders</li> <li>Proactive, detail-oriented, and ownership-driven</li> <li>Comfortable working in cross-functional teams in a dynamic environment</li> </ul> Nice to Have <ul> <li>Experience leading or building data security or DLP programs in a growing organization</li> <li>Familiarity with DSPM (Data Security Posture Management) tools</li> <li>Experience with CASB / SSE platforms (e.g., Netskope, Zscaler)</li> <li>Knowledge of privacy and regulatory frameworks (GDPR, ISO 27001, SOC 2, etc.)</li> <li>Relevant certifications such as CISSP, CISM, or CDLP</li> <li>BSc in Computer Science, Information Security, or a related field</li> </ul><div class="content-conclusion">Benefits & Perks: <ul> <li>Competitive compensation</li> <li>Career growth and learning opportunities</li> <li>Flexibility and work-life balance</li> <li>Collaborative and innovative culture</li> <li>Opportunity to work on impactful AI projects</li> <li>International environment and talented teams</li> </ul> What's it like to work at Nebius: Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI  Equal Opportunity Statement: Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law. Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire.  If you need accommodations during the application process, please let us know.</div>

About the Role

Related Roles