Desired Skills and Experience

  • Develop and implement DLP policies and response actions in cooperation with line-of-business stakeholders, geared toward the business's strategic direction
  • Ensures stability and resiliency of Cybersecurity products and services
  • Designs, analyzes, develops and implements DLP monitoring controls
  • Host use case workshops to identify attack vectors and develop monitoring rules to detect data leakage incidents in the environment and appropriate triage procedures
  • Employs approved defense-in-depth principles along the kill chain to eliminate risk and vulnerabilities and improves security controls
  • Capable of performing technical and non-technical (people and operations) risk and vulnerability assessments and supports data loss incident response
  • Leads data loss incident response, risk reviews and vulnerability assessments
  • Executes research and development of proof of concept in line with emerging industry trends
  • Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities.
  • Expertise in the use of Symantec DLP and Splunk
  • Advising SOC Managers on best practices and use cases on how to use Symantec DLP to detect events and Splunk to correlate events to achieve end state requirements
  • Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies 
  • Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity
  • Expertise in Agile and can work with at least one of the common frameworks
  • Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
  • Subject matter expert on DLP policy and response action development
  • Scripting or programming experience in at least one object-oriented language
  • Able to work independently or in a team to create and optimize data loss detection rules
  • Knowledge of what constitutes a data loss event and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues
  • Provides in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation with skill in using network analysis tools.
  • Compliance required for local, country, and/or region specific standards for credentials, certifications and/or training.
  • 5+ years DLP engineering experience in mid-sized to large organizations, with emphasis on security operations, incident management, intrusion detection, firewall deployment and security event analysis.
  • 3+ years with SIEM and Log Management technologies specific to Splunk and/or ArcSight.
  • Proficient and proven track record of delivering Cybersecurity products and services within a business domain
  • Solid experience in supporting and improving Cybersecurity and/or technology controls to support the business
  • BSc in Computer Science, Engineering, or Mathematics preferred.
  • Preferred Product/Vendor Certifications in Splunk & ArcSight
  • Preferred Industry Certifications: CISSP, CISM, CISA, GIAC
