Senior Cyber Security Analyst

Summary

We are seeking an experienced Cyber Security Data Loss Prevention Analyst to strengthen our data protection capabilities and help mature our enterprise DLP program. This role is ideal for someone who has hands on experience with modern DLP technologies-especially Microsoft Security Platform and Varonis-and who is comfortable tuning policies, reducing false positives, and collaborating across the organization to ensure sensitive information is handled and protected appropriately.

This position plays a critical part in safeguarding company data, preventing data exposure, and educating employees on proper data handling practices.

What You'll Do

• Develop, tune, and maintain DLP policies, rules, and alerting mechanisms in Microsoft Security Platform and Varonis.
• Continuously refine controls to reduce false positives while ensuring sensitive data is properly protected.
• Monitor, investigate, and triage DLP alerts, escalating issues appropriately.
• Review incidents involving improper data handling (data in motion, at rest, or in use).
• Communicate with employees to provide education, guidance, and corrective actions to prevent repeated violations.
• Work collaboratively with HR, Legal, Information Governance, Service Owners and other business units on DLP related investigations or remediation steps.
• Provide expert input into data protection policies, classification models, and control requirements.
• Bring external best practices and industry trends to help mature and evolve the DLP program.
• Evaluate, test, deploy, and validate DLP solutions, configurations, and enhancements.
• Partner with engineering teams to ensure DLP tools are integrated effectively across endpoints, cloud platforms, and collaboration services.
• Serve as the DLP subject matter expert on broader security and business initiatives.
• Support projects involving sensitive data, such as AI enablement and data classification improvements.

Education

Experience

• For a Level 1 (Associate), a minimum of no previous years of experience to two years related experience is required (if no degree, four-six years of relevant experience or equivalent combination of education and related experience totaling four-six years).

• For a Level 2 (Journey), a minimum of two years of experience to four years related experience is required (if no degree, six-eight years of relevant experience or equivalent combination of education and related experience totaling six-eight years).

• For a Level 3 (Senior), a minimum of five years of related experience is required (if no degree, nine years of relevant experience or equivalent combination of education and related experience totaling nine years).

• 5+ years of relevant experience, with at least 3 years focused on DLP, data protection, or information security operations.
• Hands on experience with Microsoft security products (Defender, Purview, Endpoint DLP) and/or Varonis.
• Strong understanding of data classification, data handling standards, and regulatory requirements.
• Experience tuning policies to reduce false positives while maintaining detection accuracy.
• Excellent communication skills, with the ability to coach employees and work with HR, Legal, and other stakeholders.
• Ability to investigate data incidents with discretion, professionalism, and sound judgment.

Additional Requirements and Qualifications

• Experience contributing to DLP program maturity or building new DLP capabilities.
• Familiarity with insider risk management concepts and tools.
• Understanding of AI related data risks and modern data governance practices.
• Relevant certifications (e.g., CISSP, GIAC, Microsoft SC 400) are a plus but not required.