Insider Threat Analyst (DLP) | Up to 75K Salary

Job Expectations:

• Employment Type: Full-Time; Permanent (Direct Hire)
• Work Setup & Location: BGC, Taguig - Hybrid
• Work Schedule: Mondays - Fridays, EMEA Shift
• Base Salary: Php 60,000 - Php 75,000
• Industry: Insurance

Job Description:

As part of the Cyber Defense department, this role focuses on investigating Insider Threat and Data Loss Prevention (DLP) cases escalated by the L1 Insider Threat team. Reporting to the Global Head of Insider Threat, the L2 Insider Threat Analyst role is ideal for individuals with strong experience in Microsoft Purview DLP and Insider Risk Management (IRM) analysis. This business-facing role requires proactive collaboration with stakeholders and colleagues to investigate Insider Threat and DLP cases thoroughly.

• Perform advanced analysis and investigation of Insider Threat and DLP alerts across the various egress channels in both on-premise and cloud environments.
• Analyze event/alert patterns to properly interpret and prioritize threats with available DLP and IRM tools and other data protection devices.
• Help Identify trends and drive requirements aimed at improving and enhancing existing DLP and IRM detection policies.
• Work closely with Cyber Defense teams such as the Global Security Operations Centre, as well as Legal, Privacy, and HR teams if necessary, during investigations and incidents.
• Prepare detailed reports on security incidents, investigations, and mitigation efforts.
• Contribute to the fine-tuning of rules across the detection tools by highlighting pain points to the Global Head of Insider Threat and Insider Threat Engineering Manager.
• Contribute to the development, improvement, and review of operational documents.
• Other relevant tasks as designated by the Global Head of Insider Threat.
• Help coach and mentor L1 Insider Threat Analysts.

Qualifications:

• Bachelor's Degree in Computer Science, Information Technology, or a related field.
• 2+ years of experience as a Senior Insider Threat Analyst / Senior DLP, preferably in a global enterprise organization.
• Knowledgeable in Purview DLP, Defender, and IRM.
• Experience in cyber security roles in areas such as incident response, threat detection, or security operations.
• Proficiency in using security tools and technologies such as SIEM, EDR, and forensic analysis tools.
• Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA) is preferred.
• Industry certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Privacy Professional (CIPP) are a big plus.
• Excellent interpersonal, collaboration, and communication (written and verbal) skills.

***Only shortlisted candidates will be contacted, updating/tailoring CV is recommended***