senior data security analyst.

Job Description:

We are hiring a data security analyst to work in our growing IT Security team. An analyst shall apply security skills to design, build and protect enterprise systems, applications, data assets, and people.

Position: Senior Data Security Analyst

Requirement:

• Bachelor’s degree.
• 5+ years of relevant work experience within the data security covering all aspects of data security program.
• Hands-on experience on data discovery, data classification, data governance and data protection.
• Experience working with DAM and FIM tools.
• Experience working with Web DLP, Endpoint DLP, Email DLP and Network DLP.
• Hands on experience on on-premises servers, proxies and API deployment model.
• Excellent leadership, problem-solving skills, and great attention to detail.
• Working experience on calculating NIST score and mapping of data security controls with data security aspects.

Tools Working: -

Data Discovery - Forcepoint, Microsoft Purview, Microsoft Defender, Microsoft governance

Data Classification – Azure Information Protection

DLP – Microsoft Purview, Microsoft defender, SOPHOS, CASB, Forcepoint

FIM & DAM – Manage engine –Eventlog analyzer

Responsibility:

• Perform data Discovery at rest, in use and transit.
• Classify the discovered data with different labels.
• Perform data encryption, data masking and other response action in order to protect data.
• Integration of different applications and endpoints to get data visibility.
• Define various DLP policies for the integrated applications on the tools and analyse events generated based on DLP policies and identify false positives to fine tune and bring accuracy.
• Implement DLP to track and restrict data movement of proprietary Payment Card Industry (PCI) data, Personally Identifiable Information (PII), Health Insurance Portability and Accountability Act (HIPAA) Data, General Data Protection Regulation (GDPR) etc.
• Implement policies as per security breaches such as Config Audit Policies, Connected Apps Policies, Malware Policies etc.
• Active monitoring of DLP incidents and perform investigation on high risk users.
• Propose several use cases for the newly integrated Applications in the tool to define DLP policies. Collaborate with vendor for the extended support.