Desired Skills and Experience
- Develop and implement DLP policies and response actions in cooperation with line of business stakeholders, geared toward the business strategic direction
- Ensures stability and resiliency of Cybersecurity products and services
- Designs, analyzes, develops and implements DLP monitoring controls
- Host use case workshops to identify attack vectors and develop monitoring rules to detect data leakage incidents in the environment and appropriate triage procedures
- Employs approved defense-in-depth principles along the kill chain to eliminate risk and vulnerabilities and improves security controls
- Capable of performing technical and non-technical (people and operations) risk and vulnerability assessments and supports data loss incident response
- Leads data loss incident response, risk reviews and vulnerability assessments
- Executes research and development of proof of concept in line with emerging industry trends
- Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities.
- Expertise in the use of Symantec DLP and Splunk
- Advising SOC Managers on best practices and use cases on how to use Symantec DLP to detect events and Splunk to correlate events to achieve end state requirements
- Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
- Keen understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity
- Expertise in Agile and ability to work with at least one of the common frameworks
- Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
- Subject matter expert on DLP policy and response action development
- Scripting or programming experience in at least one object-oriented language
- Able to work independently or in a team to create and optimize data loss detection rules
- Knowledge of what constitutes a data loss event and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues
- Provides in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation with skill in using network analysis tools.
- Compliance with local, country, and/or region-specific standards for credentials, certifications and/or training is required
- 5+ years DLP engineering experience in mid-sized to large organizations, with emphasis on security operations, incident management, intrusion detection, firewall deployment and security event analysis.
- 3+ years with SIEM and Log Management technologies specific to Splunk and/or ArcSight.
- Proficient and proven track record of delivering Cybersecurity products and services within a business domain
- Solid experience in supporting and improving Cybersecurity and/or technology controls to support the business
- BSc in Computer Science, Engineering, or Mathematics preferred.
- Preferred Product/Vendor Certifications in Splunk & ArcSight
- Preferred Industry Certifications: CISSP, CISM, CISA, GIAC