The Senior Security Analyst & Data Loss Administrator, a part of the Information Security team, is primarily responsible for administering and maintaining the Data Loss Prevention (DLP) system. The Analyst will also perform Information Security related tasks.
The role requires an in-depth understanding of Information Security practices as well as a good understanding of Microsoft products (such as Windows, Outlook/Exchange Online/M365, ATP/EDR, DLP), the network (proxy servers, firewalls), databases and exposure to a DLP product (such as Symantec, McAfee or RSA).
The Senior Security Analyst will be responsible for monitoring Data Loss Prevention systems, both Host and Network-based, and for helping improve the implementation of those systems. Monitoring includes daily review of the product consoles, analyzing the events, and determining which events are actionable. The incumbent will need to troubleshoot and resolve server, host, and agent issues, and plan and perform upgrades as required. The Senior IT Security Analyst will need to interact with all business functions, bridging the gap between technical data and business objectives.
Position may require on-call and after-hours work, as needed to support business needs.
Responsibilities include but are not limited to:
- Perform daily monitoring and analysis of host and network alerts from the DLP product and investigate output
- Assist with resolution of operational product deployment, implementation, and technical issues
- Engage with business contacts and IT to identify sensitive data and monitor for unauthorized disclosures
- Resolve and document complex security incidents and prepare formal incident reports
- Interpret and summarize technical information for presentation to non-technical business contacts
- Develop and improve processes and procedures for data protection activities
- Generate monthly/quarterly reports and create dashboards for leadership
- Perform assessments of current security technology and authentication systems and evaluate against Security Policies, and other relevant regulations and best practice controls pertaining to the protection of corporate information assets with respect to security and privacy
- Advance IT Security policies, standards and procedures in conjunction with the application and technology teams responsible for the day-to-day systems configuration and operation
- Proactively audit the network security environment and provide actionable information pertaining to risk discovery and remediation technologies, techniques, and processes
- Assess and review new and existing technology infrastructure to identify key risk areas, and ensure adequate levels of controls are in place to address those risks, develop risk mitigation techniques/plans and processes to ensure that all reviews are actionable by system managers and the operations staff
- 3+ years in systems security with certification, maintenance and use of security products in a distributed enterprise environment.
- 2+ years’ experience in security operations/support
- Experience and demonstrated knowledge and/or skills in the following areas:
  - Unstructured Data Protection
  - Data At Rest Scanning
  - Data Loss Prevention
- Experience in Windows, Cisco routers and switches, Encryption, Defense Strategies, and Hacker Techniques or Incident Response.
- Experience in complex multi-site LAN/WAN environments.
- Experience with network applications, such as Firewall Security and Virtual Private Networking.
- Knowledge of network and host IDS/IPS.
- Familiarity working with databases (Oracle, SQL): schema, queries, entries, creation
- CISSP, CISA, CISM or other similar Security certification preferred
- Microsoft MCSE/MCSA and/or Cisco certification is an asset