Sr DLP Security Operations Analyst

Cox powered by Atrium
Atlanta, GA
5d
Hybrid

About The Position

Cox Automotive is searching for a Sr DLP Security Operations Analyst. Cox Automotive is a leading provider of automotive products and services, offering a wide range of solutions to dealers, manufacturers, and consumers. With a focus on innovation and customer service, Cox Automotive helps clients navigate the ever-changing automotive industry landscape. From digital marketing and software solutions to vehicle remarketing and logistics, Cox Automotive is dedicated to driving the future of the automotive industry. This is a 3-month W2 contract assignment with the opportunity for contract extension or to transition to a permanent, full-time role based on performance and business needs.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related field, or an equivalent combination of education and relevant industry experience
  • Hands-on experience in Information Security operations, including Security Monitoring, Incident Response and Network Security Fundamentals
  • Practical experience with Data Loss Prevention (DLP) tools and concepts, with exposure to one or more leading platforms such as Symantec, Microsoft Purview, Zscaler, Forcepoint, or Digital Guardian.
  • Working knowledge of industry-standard security technologies, including:
      • Firewalls, VPN, Intrusion Detection Systems (IDS)
      • Endpoint Detection & Response (EDR)
      • Antivirus (AV)
      • Secure Web Gateway/Proxy
  • Strong experience with SIEM event/log analysis and correlation
  • Understanding of Data Loss Prevention (DLP) concepts, frameworks, and technologies
  • Familiarity with data classification standards (e.g., PII, PCI, PHI, IP)
  • Knowledge of common DLP platforms:
      • Symantec DLP
      • Microsoft Purview DLP
      • Zscaler DLP
      • Forcepoint, McAfee, Digital Guardian, etc.
  • Basic understanding of network security, email security, and endpoint protection
  • Knowledge of regulatory and compliance standards:
      • HIPAA, GDPR, CCPA, SOX, PCI-DSS

Responsibilities

  • Lead the expansion and continuous improvement of Data Loss Prevention (DLP) initiatives across the organization, including international operations, ensuring robust policy enforcement and alignment with regulatory requirements
  • Monitor, investigate, and respond to potential data loss events from both internal and external sources, ensuring swift containment and remediation
  • Administer, tune, and maintain DLP technologies for on-premise, cloud, SaaS, and endpoint environments to ensure robust policy enforcement
  • Develop, update, and enforce DLP policies and operational playbooks to address evolving data protection risks and regulatory requirements
  • Utilize threat intelligence to adapt DLP controls in response to new tactics, techniques, and procedures (TTPs) that target sensitive or regulated data
  • Review and approve new system deployments to ensure integration with DLP monitoring and compliance requirements
  • Document DLP incidents, investigations, and remediation steps to support regulatory audits and continuous process improvement
  • Collaborate with IT and security teams to automate DLP alerts and responses for faster threat mitigation
  • Provide off-hours support to address urgent DLP incidents and maintain 24/7 data protection coverage
  • Monitor and review DLP alerts across email, web, endpoint, and cloud
  • Identify and prioritize real incidents vs. false positives
  • Investigate user activity and data movement related to alerts
  • Determine if incidents are accidental, negligent, or malicious
  • Escalate high-risk cases to Legal, HR, or Security leadership
  • Take action to contain active threats (e.g., disable sharing, isolate devices)
  • Document all findings, actions, and outcomes in the case tracking system
  • Recommend user coaching or awareness training when needed
  • Propose improvements to DLP rules to reduce noise and increase accuracy
  • Track and report incident trends and metrics (volume, type, resolution time)
  • Collaborate with IT, Legal, HR, and business units during investigations
  • Support audits, compliance checks, and policy updates as needed
  • Obtain information and stay up to date on the latest threats and security trends quickly and efficiently to keep the enterprise environment protected
  • Assist in the investigation and resolution of security issues