The Information Security team at Root strives to lower the risk within the organization while enabling transformative technologists to do their cutting-edge work. As a DLP Information Security Engineer, you’ll be joining a team dedicated to securing Root, having a large opportunity to influence how we build and secure these systems.
The ideal candidate brings strong cloud-focused Data Loss Prevention (DLP) administration and alert monitoring and remediation experience. You'll work with various stakeholders to implement and tune an enterprise DLP system, having the opportunity to build out playbooks for managing alerts/incidents. This position provides a unique opportunity to work in a rapidly growing, inclusive environment and assist with projects beyond a traditional information security engineer's scope.
What you'll be doing
- Responsible for the design, deployment, administration, and monitoring of the DLP system
- Troubleshoot functionality and user impact with alert and policy tuning
- Use knowledge of vendor tools to collaborate with vendors and identify and resolve gaps in vendor solutions/platform technologies
- Assist in the integration of the data protection solutions into other security solutions and business processes
- Create and maintain technical process documentation (procedures/playbooks) for DLP system
- Report on DLP system alerts and overrides as needed
- Educate and train other team members on DLP system and processes
- Participate in security investigations as assigned by management
- Preservation and forensic analysis of artifacts as it relates to investigations
What we're looking for
- 2-5 years of cybersecurity experience
- Familiarity with DLP capabilities for email, endpoint, and SaaS applications
- Experience with DLP rule/policy creation and tuning to reduce false-positive rates
- Experience in creating and maintaining process, procedure, and playbook documentation
- A high-level understanding of multi-tiered applications and various network and security devices/protocols
- Knowledge of various operating system flavors, including but not limited to Windows, Mac, and Linux.
- Knowledge of cyber-criminal techniques, compliance, and regulatory standards.
- Strong analytical and investigation skills.
- Scripting skills (e.g., PowerShell, Bash, Shell scripting)
- Amazon Web Services / GitHub familiarity
At Root, we judge people based on the merit of their work, not who they are. Very few (if any!) people will fit every description; so if you are passionate about what this role entails, and are excited by solving real problems, we encourage you to apply; we want to learn about you, and what you can add to our team!
Who we are.
Root Insurance is the nation’s first licensed insurance carrier powered entirely by mobile. We were founded on the belief that the services you need for everyday life should serve you better. That’s why we base insurance coverages on you, not your demographic. It’s the way insurance should be. And it’s all conveniently in an app.
What draws people to Root.
We’re a rapidly scaling technology company. Our early success is in large part due to our unwavering standards in hiring. We recognize that our product is only as good as the people building and promoting it. We look for individuals who find solutions by going through the cycle of ideation to implementation with curiosity, rigor, and a highly analytical lens. Ask anyone who works here and you’ll hear similar reasons for why they joined:
Autonomy. For assertive self-starters, the opportunities to contribute are limitless.
Impact. By challenging the way it’s always been done, we solve problems that have a big impact on our business.
Collaboration. We encourage rich discussion and civil debate at every turn.
People. We are inspired by the collection of crazy-smart people around us