DLP-Monitoring Analyst

DLP Monitoring Analyst

Job Description

Looking for an experienced Data Loss Prevention triage analyst. This is a technical role and will support the DLP Monitoring function with an incident triage and escalation along potential tuning recommendations for data loss prevention policies. We are looking for a candidate who has Security Operations Center experience with focus on DLP controls policies and analysis.

Daily Cadence

Support the technical analysis of DLP alerts as requested by the triage team.

Support the continued review of DLP policies in relation to false positive alerting.

Identify any policy gaps and contribute to designing solutions to address them.

Support procedure documentation and tuning to improve triage response.

Core Duties

Event Triage and Analysis Monitor network traffic endpoints and data flows in realtime to identify and respond to potential DLP incidents. Investigate and analyze alerts generated by DLP tools to determine the nature and severity of incidents.

Policy Tuning Conduct detailed analysis of DLP policy violations providing insights into trends patterns and areas of potential improvement. Collaborate with engineering teams to address systemic issues contributing to policy violations.

Collaboration Work closely with IT administrators security analysts and other teams to ensure the effective deployment and configuration of DLP solutions. Provide support and guidance on DLP best practices to other teams.

Documentation Maintain accurate and comprehensive documentation of DLP policies configurations and incident response procedures. Generate regular reports on DLP performance and incidents for management review.

Expectations of the role:

Familiarity with DLP event triage and analysis related to network and endpoint security.

Understanding DLP tools and policy.

Familiarity with UEBA would be a plus.

Familiarity with insider threat behaviors and patterns also a plus.

Experience:

Bachelors degree or equivalent education.

Experience 6 8 year in Security Industry.

Keyword resume searches:

Purview

Symantec DLP

Splunk

Splunk Enterprise Security

Security Information Event Management (SIEM)

Securonix

Cyber Security Operations

Cyber Investigation

Security Orchestration Automation & Response (SOAR)

Kill Chain

DLP