Salary Not Disclosed
1 Vacancy
DLP Monitoring Analyst
Job Description
Looking for an experienced Data Loss Prevention triage analyst. This is a technical role that will support the DLP Monitoring function with incident triage and escalation, along with potential tuning recommendations for data loss prevention policies. We are looking for a candidate who has Security Operations Center experience with a focus on DLP controls, policies, and analysis.
Daily Cadence
Support the technical analysis of DLP alerts as requested by the triage team.
Support the continued review of DLP policies in relation to false positive alerting.
Identify any policy gaps and contribute to designing solutions to address them.
Support procedure documentation and tuning to improve triage response.
Core Duties
Event Triage and Analysis: Monitor network traffic, endpoints, and data flows in real time to identify and respond to potential DLP incidents. Investigate and analyze alerts generated by DLP tools to determine the nature and severity of incidents.
Policy Tuning: Conduct detailed analysis of DLP policy violations, providing insights into trends, patterns, and areas of potential improvement. Collaborate with engineering teams to address systemic issues contributing to policy violations.
Collaboration: Work closely with IT administrators, security analysts, and other teams to ensure the effective deployment and configuration of DLP solutions. Provide support and guidance on DLP best practices to other teams.
Documentation: Maintain accurate and comprehensive documentation of DLP policies, configurations, and incident response procedures. Generate regular reports on DLP performance and incidents for management review.
Expectations of the role:
Familiarity with DLP event triage and analysis related to network and endpoint security.
Understanding DLP tools and policy.
Familiarity with UEBA would be a plus.
Familiarity with insider threat behaviors and patterns is also a plus.
Experience:
Bachelor's degree or equivalent education.
6 to 8 years of experience in the security industry.
Keyword resume searches:
Purview
Symantec DLP
Splunk
Splunk Enterprise Security
Security Information Event Management (SIEM)
Securonix
Cyber Security Operations
Cyber Investigation
Security Orchestration Automation & Response (SOAR)
Kill Chain
DLP
Full Time