DLP Security Operations Analyst

Job Description

Job Title: Cybersecurity/ DLP Security Operations Analyst
Job Location: Park, NY/ Hybrid (2-3 days onsite)
Project Duration: 6-12 months with possible extension

JOB DESCRIPTION:
Job Purpose:
The Cybersecurity Operations Analyst -DLP is responsible for overseeing all aspects of Data Loss Prevention (DLP) within the organization. This role focuses exclusively on developing and maintaining DLP policies, tuning DLP systems for optimal performance, and continuously monitoring DLP activities to prevent and detect unauthorized data access or transfer.

Key Responsibilities:

Security Monitoring
• Lead the expansion and continuous improvement of Data Loss Prevention (DLP) initiatives across the organization, including international operations, ensuring robust policy enforcement and alignment with regulatory requirements
• Monitor, investigate, and respond to potential data loss events from both internal and external sources, ensuring swift containment and remediation
• Administer, tune, and maintain DLP technologies for on-premise, cloud, SaaS, and endpoint environments to ensure robust policy enforcement
• Develop, update, and enforce DLP policies and operational playbooks to address evolving data protection risks and regulatory requirements
• Utilize threat intelligence to adapt DLP controls in response to new tactics, techniques, and procedures (TTPs) that target sensitive or regulated data
• Review and approve new system deployments to ensure integration with DLP monitoring and compliance requirements
• Document DLP incidents, investigations, and remediation steps to support regulatory audits and continuous process improvement
• Collaborate with IT and security teams to automate DLP alerts and responses for faster threat mitigation
• Provide off-hours support to address urgent DLP incidents and maintain 24/7 data protection coverage

Incident Response
• Monitor and review DLP alerts across email, web, endpoint, and cloud.
• Identify and prioritize real incidents vs. False positives.
• Investigate user activity and data movement related to alerts.
• Determine if incidents are accidental, negligent, or malicious.
• Escalate high-risk cases to Legal, HR, or Security leadership.
• Take action to contain active threats (e.G., disable sharing, isolate devices).
• Document all findings, actions, and outcomes in the case tracking system.
• Recommend user coaching or awareness training when needed.
• Propose improvements to DLP rules to reduce noise and increase accuracy.
• Track and report incident trends and metrics (volume, type, resolution time).
• Collaborate with IT, Legal, HR, and business units during investigations.
• Support audits, compliance checks, and policy updates as needed.

Emerging Threats Monitoring
• Obtains information and stays up-to-date on the latest threats and security trends in a fast and efficient way to keep the enterprise environment protected.

Service Desk and Incident Management
• Assists in the investigation and resolution of security issues.

Knowledge, Experience & Qualifications:
Essential
• Bachelor's degree in Computer Science, Information Security, or a related field -or an equivalent combination of education and relevant industry experience.
• Hands-on experience in Information Security operations, including Security Monitoring, Incident Response, and Network Security fundamentals.
• Practical experience with Data Loss Prevention (DLP) tools and concepts, with exposure to one or more leading platforms such as Symantec, Microsoft Purview, Zscaler, Forcepoint, or Digital Guardian.
• Working knowledge of industry-standard security technologies, including:
• Firewalls, VPN, Intrusion Detection Systems (IDS)
• Endpoint Detection & Response (EDR)
• Antivirus (AV)
• Secure Web Gateway/Proxy
• Strong experience with SIEM event/log analysis and correlation

Desirable
• Understanding of Data Loss Prevention (DLP) concepts, frameworks, and technologies
• Familiarity with data classification standards (e.G., PII, PCI, PHI, IP)
• Knowledge of common DLP platforms:
• Symantec DLP
• Microsoft Purview DLP
• Zscaler DLP
• Forcepoint, McAfee, Digital Guardian, etc.
• Basic understanding of network security, email security, and endpoint protection
• Knowledge of regulatory and compliance standards:
• HIPAA, GDPR, CCPA, SOX, PCI-DSS

Specializations
Endpoint DLP, Network DLP, Cloud data protection, Policy development and tuning, Insider threat detection, Compliance and regulatory, Incident response and forensics, DLP integration

Meet Your Recruiter

Peter Jackson

---