About the job DLP security analyst
Main job Purpose:
The DLP security analyst will evaluate, architect, and implement DLP enterprise solution from information security perspective, main duties will include administration of DLP solution, monitoring & analyze alerts, identify and filter false positives to mitigate risks and protect corporate sensitive information.
The DLP security analyst provides oversight and being subject matter experts input to the design, build and implementation of DLP technology tools that support the Information Protection strategy, objectives, and operational requirements.
Focal point to drive collaboration across different business units, helps the organization to adopt the DLP solution, ensures that business users are trained, communicate internal processes to drive maximum efficiency.
Objectives:
Assess & mitigate risks associated with DLP solution.
Administration of the DLP tools which includes configuring policies and reporting
Monitor and respond to alerts generated from the DLP systems and other technologies
Communicate with stakeholders, data owners to plan, prepare and deploy DLP policies in production.
Grow expertise in knowledge of best practices and standards for Data Protection.
Monitor the use of the tools and ensure a consistent & continuous process of improvement taking an effect.
Deliver awareness sessions and conduct training to ensure business understand the DLP tool purpose and help with adoption and embedding of the technology.
Accountabilities:
Creates and maintains architecture diagrams and documentation of Data Loss Prevention solution.
Work with different stakeholders to capture requirements and apply data classification and subsequently appropriate data protection following internal standards, work on integration with different business applications.
Work with the DLP technology (troubleshooting, upgrades, identify new added features.)
Administrate of DLP solution and liaising with GRC function to configure policies and work on reporting, monitor and respond to different alerts generated from the DLP solution.
Demonstrate a good understanding of incident response process and event escalations,
repone to DLPs escalations reported by incident response team
Share recommendations to further identify sensitive data and strengthen security controls
Collaborate & partner with legal, compliance team to support customer privacy initiative and continue compliance with different regulations, to mature company data life cycle management with focus on data security.
Job Requirements:
Education:
Computer Engineering, Communication Engineering, Computer Science, or an equivalent academic graduation degree.
DLP certifications like Microsoft Information Protection Administrator, Microsoft
365 Security Administration, Microsoft 365 Certified: Security Administrator Associate, Certified Forcepoint DLP Administrator, Administration of Symantec Data Loss Prevention 15.5
Professional certifications such as the Security+, GCIA, and/or CISSP would be nice to have.
Basic Knowledge of information security industry, regulatory and compliance standards such GDPR, Egypt data protection law, ISO 27001, NIST CSF, NIST RMF is highly desired.
Experience:
Minimum 3-5 years of Experience in Information Technology or Information Security concepts related to governance, risk & compliance, specifically three years of them focusing on Data Loss Prevention (DLP) solutions, technology support and related event handling.
Proven DLP experience with Microsoft DLP, other venrods,Solid knowledge of Microsoft 365 technology stack including Exchange online, SharePoint online, Teams, OneDrive, M365 Security center, M365 Compliance center, Defender for Endpoint.
Ability to work in and adapt to a changing environment
Languages:
English Fluent