Data Governance & Security Lead

BlackStone eIT

BlackStone eIT is seeking a proactive and experienced Data Governance & Security Lead to oversee our data governance and security strategies. In this leadership role, you will be responsible for ensuring that data is managed securely, complies with all regulatory requirements, and supports business objectives.

You will lead cross-functional teams to develop and enforce data governance policies, assess risks, and implement security controls to protect sensitive information across the organization.

Key Responsibilities

• - Data governance framework design and implementation has built a classification framework and operationalized it, not just documented it
• - Data classification standards understands sensitivity levels, labeling, handling procedures, and how to enforce them technically
• - Regulatory compliance: GDPR, UAE data protection law, and ideally NESA/NIAR or Abu Dhabi data management standards
• - Security controls: encryption at rest and in transit, key management, access recertification, DLP tooling
• - DSPM/DLP tool experience (BigID, Fortra, Microsoft Purview, or comparable) can evaluate, configure, and operate these tools
• - Vendor management: has been the client-side technical lead managing an external governance engagement
• - Data mesh governance concepts: data product ownership, quality SLAs, cross-entity sharing
• - AI governance fundamentals: model and agent registration, data scope controls, audit trail requirements
• - Stakeholder communication: can work with Legal, IT, and entity leadership on policy review and adoption
• - Policy-as-code concepts: translating governance rules into automated technical enforcement

• - New system onboarding governance: every new data source, pipeline, and AI agent requires classification review, ownership assignment, and access control before production
• - Regulatory evolution: track changes to UAE data regulations, assess impact, update policies, implement controls
• - Recurring audit cycles: annual/semi-annual internal and external audits evidence preparation, coordination, remediation tracking
• - Data mesh governance: are entity data products meeting quality SLAs? Are ownership registers current? Are new data products classified before publication?
• - Cross-entity data disputes: arbitrate when entities request access to each other's data does policy allow it, what classification level, who approves?
• - Governance board: monthly standing review prepare agenda, collect metrics, present compliance status, track action items

• Paid Time Off
• Training & Development
• Performance Bonus