DLP Lead Information Security Analyst

About The Position

Requirements

• 5+ years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education

Nice To Haves

• 2+ years of Data Loss Prevention Operations experience including event triage and response, identifying tuning enhancements, etc.
• 2+ years of Information Security Governance, Risk and Change Management (GRC) experience.
• Security Operations and Incident Management experience
• Experience designing and implementing cross-functional security techniques spanning multiple security capabilities (e.g. DLP + web proxy, UEBA, etc.)
• Ability to assess risks and operational challenges, make quick decisions, implement solutions, and influence change
• Strong customer relationship management skills
• Experience articulating issues, risks, and proposed solutions to various levels of staff and management
• Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats
• Experience working in a large enterprise environment
• Knowledge and understanding of banking or financial services industry
• CISSP, CISM, CISA or other applicable InfoSec qualifications

Responsibilities

• Lead cross-functional initiatives to advance and automate DLP program capabilities in partnership with stakeholders across the enterprise.
• Track and report on DLP program operational health.
• Lead the continued maturation of DLP business partner reporting.
• Act as a liaison to front line business leaders.
• Provide oversight and governance for operational controls, processes and procedures.
• Field inquiries around DLP controls and operations from the three lines of defense and regulators.
• Assist with DLP risk trend analysis, escalation, incident management and root cause analysis.
• Act as a key stakeholder providing input to the DLP rules lifecycle.
• Assist with driving and tracking initiatives through the product model in partnership with the product team.
• Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation
• Direct information security risk assessment and research, and recommend remediation plans and strategies
• Influence stakeholders on net new or on material changes to an asset to influence control decisions
• Provide consulting on security risk assessment and research, and recommend remediation plans and strategies
• Act as more experienced lead to the organization to develop security risk awareness and mitigating actions
• Consult the organization on complex security issues and findings
• Manage the most complex and critical information assets
• Evaluate and interpret internal and companywide information security policies, processes, standards, and participate with more experienced leaders in decision making on information security
• Serve as information security lead to advise on the development and delivery of Information Security Education and Awareness
• Collaborate and consult with peers, colleagues, and mid-level to more experienced managers to resolve issues and achieve goals
• Lead projects and teams
• Coordinate with vendor manager on third party assets to manage information security risks
• Serve as a mentor to less experienced staff

Benefits

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement