Data Loss Prevention Analyst

Overview:

• Support the DLP Operations team.
• Focus on triaging DLP alerts and identifying potential data loss risks, while also contributing to business alignment efforts by mapping workflows and identifying opportunities to reduce risk through process and control improvements.
• The ideal candidate combines analytical investigation skills with strong communication and business acumen, enabling effective collaboration across security, risk, and business teams.

Responsibilities:

DLP Alert Monitoring & Triage:

• Review and analyze DLP alerts across multiple channels (email, endpoint, cloud, etc.).
• Validate alerts by distinguishing true positives vs. false positives and escalating as appropriate.
• Investigate potential data loss incidents, including reviewing context such as user behavior, data types, and business justification.
• Document findings and ensure accurate case disposition in applicable systems.

Incident Response & Risk Analysis

• Support response activities for confirmed data loss events, including coordination with internal stakeholders.
• Identify patterns, trends, or recurring behaviors contributing to data loss risk.
• Recommend actionable improvements to rules, controls, or user behavior.

Business Workflow & Risk Mapping

• Partner with business units and risk stakeholders to understand how data flows through key processes.
• Translate business activities into data loss risk scenarios.
• Identify opportunities for tuning, exclusions, or enhanced controls aligned to legitimate workflows.
• Support initiatives to align DLP coverage with evolving business processes, vendors, and tools.

Project & Process Support

• Assist in DLP-related projects including rule tuning, process documentation, and metrics tracking.
• Contribute to operational improvements and automation initiatives.
• Support ad hoc analysis for leadership or audit requests.

Cross-Functional Collaboration

• Engage with security engineering teams, risk officers, and governance teams
• Provide communication tailored to both technical and non-technical audiences

Qualifications:

• 2-5+ years of experience in cybersecurity, data protection, fraud, risk, or related analytical role.
• Experience with DLP tools or security monitoring platforms.
• Experience analyzing alerts, incidents, or case-based workflows.
• Strong analytical and investigative skills.
• Effective written and verbal communication skills.

Preferred:

• Familiarity with sensitive data types and data classification concepts.
• Experience with SIEM, SOAR, or case management systems.
• Understanding of business process mapping or workflow analysis.