Click here to login or register
Reference # : 18-39060 Title : DLP Analyst
Location : Atlanta, GA
Experience Level : Start Date : 07/12/2018  

Data Loss Prevention Analyst
Function: IT
Functional Segment: Security
Job Type: Detection Content Developer
Hiring Manager: Joseph Ragno

Role Summary/Purpose:
Works with Business Unit Security Officers to review DLP events. Investigate user behavior to determine if activity is abnormal or part of existing practice using multiple tools (previous DLP events, Splunk etc.)

Essential Responsibilities:
  • escalate appropriate events
  • escalate egregious or malicious behavior to CIRT for further investigation/remediation
  • Collection of metrics; break down behavioral trends by department, policy, etc. and report metrics
  • Investigate ways to improve event detection
  • find methods to circumvent current detection rules and suggest changes accordingly

Basic Qualifications/Requirements:
  • Preferred experience in:
    • Symantec DLP
    • Splunk
    • Python
    • IDS/IPS
    • Network Experience
  • Experience using Insider Threat Tools (ex. Data Loss Prevention, User Behavior Analytics, etc.)
  • Understanding of cyber- tactics, technologies, and procedures to counter insider threats
  • Awareness of the latest cyber security trends and developments
  • Knowledge of Incident Response procedures
  • Detailed understanding of Cyber Crime, Hacktivist, APT and Insider Threat associated tactics
  • Strong oral and written communications skills
  • Strong analytical & evaluative thinking
  • Strong Interpersonal and leadership skills
  • The ability to work in a fast paced environment to include the translation of complex concepts and issues into messaging easily understood by senior leadership
  • Strong analytical skills/problem solving/conceptual thinking
  • Ability to conduct multi-source investigations in collecting and analyzing qualitative and quantitative data
  • Ability to work independently on initiatives with little oversight. Motivated and willing to learn
  • Must be comfortable effectively communicating intelligence to technical and non-technical audiences