IT Security Analyst- DLP engineerMassachusetts, Westborough, 01581 Westborough USA
InfiCare technologies are looking for: - IT Security Analyst- DLP engineer Location is: : Westborough, MA or Latham, NY and Client Zensar. See job requirements below. Apply to the job or send resume directly to me at email@example.com New Job Role- IT Security Analyst- DLP engineer Location- Westborough, MA or Latham, NY hybrid model Salary- $80k/Year+ benefits Client- Zensar Scope and Purpose of Position: Reporting to the Senior Manager of the Insider-Threat Group, the Data-Loss Prevention (DLP) Analyst is a key role responsible for supporting the Information Security team. This hands-on role will spend most of their time reviewing/triaging Data-Loss Prevention Incidents. They will gather facts and evidence through security tools, interview associates to understand anomalous behavior, and will observe, monitor, record and document known or suspected offenses. Analyst must have strong investigative mindset, good written and oral communication skills, and the ability to prioritize, document, and manage multiple Data-Loss Prevention cases/incidents. This person will be directly responsible for evaluating, administering (maintaining and configuring) and implementing effective Data-Loss Prevention technologies and services to keep security ahead of the curve. Essential Functions
- Develop and implement Data-Loss Prevention assurance/security standards and procedures to include documentation
- Employ deductive reasoning and analysis to make informed decisions and conclusions that lead to detection of mishandling of Protected Data.
- Communicate with Business Units, HR, and Privacy department(s) to understand and implement DLP solutions, and to investigate/resolve potential and known violations.
- Interview relevant parties and investigate potential DLP violations as appropriate
- Identify and applies relevant security controls to systems based on Protected Data classification
- Triage and investigate suspected and actual Data-Loss Prevention violations and potential mishandling of Protected Data in association with the Privacy and/or and Human Resources team(s)
- Write detailed case reports, file and maintain records, manage and document cases including resolutions and outcomes
- Make recommendations on technology optimization strategies
- Perform analysis, design, and development of DLP features for system architectures
- Analyze and define DLP requirements for systems which may include databases, cloud services and endpoints to safeguard Data At Rest, In Motion and In Use (DAR/DIM/DIU)
- Design, develop, engineer, and implement solutions that meet security requirements
- Provide hands-on integration and implementation of enterprise DLP solutions
- Create documentation to support DLP methods, tactics, techniques, and procedures.
- Provide continuous monitoring support for information systems and applications
- Proactively identifies, locates, and safeguards Protected Data and hunts potential avenues for Data Loss
- Maintain federal IT security policies, standards, and guidance
- Ability to potentially work irregular hours, weekends and holidays if required
- Other duties as assigned
- Bachelor's degree in Criminal Justice, Information Systems/Technology, Computer Science, Computer Engineering, or related field preferred, or equivalent Education and Experience
- A minimum of 4 years of experience as an Information Security Analyst, Law Enforcement or Investigative professional, Military Intelligence, or Analyst with a demonstrated track record in deploying and managing Data Loss Prevention and Insider Threat Detection systems
- Working knowledge of secure design and implementation of the below technologies:
- Data Loss Prevention (Vontu/Symantec, CodeGreen, Netskope, etc.)
- Data Forensics and Evidence-based investigation.
- Network and Security infrastructure (firewalls, switches, routers, DMZ, web application firewalls, IPS, IDS, WAF, End Point Protection, Splunk, Bro, IR)
- Working knowledge of threats to cybersecurity and understanding of the tools and tactics utilized by threat actors and insider threats
- Extensive O365, Microsoft Azure, Windows, Linux and Unix experience
- Knowledge of common attack methodologies; common types of security vulnerabilities and principles of the Chain of Custody and non-destructive data forensics
- Coordinating searches of email, hard drives, and other potential data storage and transmission platforms.
- Critical thinking, problem-solving skills, deductive reasoning, and social perceptivenes
- Business acumen
- Problem solving/analysis
- Technical capacity