Still looking for a job through search engines? It's time to upgrade!
Instead of going through thousands of listings on your own, Jobify analyzes your CV and shows you only the jobs that really suit you.
Over 80,000 jobs • 4,000 new every day
Free. No ads. No fine print.
We are seeking a highly motivated and experienced Cyber and DLP Analyst to join our team. This role is crucial for strengthening our organization’s security posture, focusing on both complex cyber incident response and dedicated Data Loss Prevention (DLP) activities. You will act as an escalation point, proactively hunt for threats, and drive the development of new security controls and automation processes.
Cyber Incident Response & Threat Hunting
- Handle and operate complex cyber incidents, serving as the escalation point for Tier 1 Analysts.
- Identify suspected advanced attacks based on alerts from the SIEM system and other advanced security tools and intelligence feeds.
- Develop new security controls, investigation processes, and automation playbooks (SOAR) to address emerging cyber threats, including intelligence integration.
- Train and mentor Tier 2 analysts and external SOC personnel; improve investigation methodologies and awareness of new attack techniques.
Data Leakage Prevention (DLP)
- Integrate into the Cyber Infrastructure team, taking full ownership of the organization’s Data Loss Prevention (DLP) domain according to security and regulatory policies.
- Define DLP policy, characterize anomalies, and outline new processes for mitigation.
- Analyze and prevent data leakage incidents against the company and its clients by detecting and investigating anomalous activities within systems.
- Perform continuous controls, data processing, case investigation, and data analysis for DLP monitoring and prevention.
- Responsible for the development and implementation of new controls across company systems.
- Document lessons learned and implement new controls across various defense tools (e.g., firewall, EDR).
Required Skills and Experience
- 3+ years of experience in identifying and handling cyber incidents – Mandatory.
- Familiarity with SOC working processes and investigation methodologies – Mandatory.
- Strong familiarity with Microsoft and Linux Operating Systems – Mandatory.
- Excellent understanding of security defense products such as FW, EDR, AV, Mail Relay, Sandbox, Cymulate, Proxy, VA Scanners, etc. – Mandatory.
- Experience working with SIEM (QRadar) and XSOAR systems.
- Technical ability to write scripts and develop processes using PowerShell / Python – Mandatory.
- Full proficiency in the Windows environment and Excel (advanced functions level) – Mandatory.
- Experience in defining and implementing controls within work processes – Mandatory.