Global Insider Threat Program Data Loss Prevention Analyst
What We'll Bring
The Global Insider Threat Program (GITP) Data Loss Prevention (DLP) Analyst is a cybersecurity professional with experience identifying threats, vulnerabilities and exploitations. The GITP DLP Analyst demonstrates knowledge of conducting DLP operations in the Cloud as well as knowledge of CASB solutions, preferably Netskope or similar products. The GITP DLP Analyst orchestrates the application of security controls, utilization of tools and techniques to detect and gather information on domains and subjects. The GITP DLP Analyst has a developed understanding of how Transmission Control /Internet Protocol networks (TCP/IP) function. The GITP DLP Analyst must have hands-on experience with DLP security controls and tools governing data-in-motion, data-in-use, and data-at-rest, as well as knowledge of endpoint protection technology. In addition to these technical skills, the GITP DLP Analyst demonstrates excellent communication skills to include the ability to explain technical data relevance succinctly to the GITP Director and managers as well as other TransUnion senior leadership
What You'll Bring
The GITP DLP Analyst will play a key role in developing and utilizing CASB solutions for data loss prevention
The GITP DLP Analyst will direct the development and utilization of CASB salutations, pa for data loss prevention
Collaborate with CASB and other Cloud technical support and cybersecurity engineers to best configure DLP tools in order to detect, monitor and prevent data loss
Conduct analysis, escalation, and assistance in remediation of critical information security incidents
Support all GITP analytic efforts in order to identify, monitor or remediate Tactics, Techniques, and Procedures used by potential or actual insider threat as well as associates who unintentionally risk company internal data and information technology
Provide actionable insights, guidance and DLP subject matter expertise to the GITP Director and UEAB Analytics Lead
Create and maintain comprehensive DLP policy rules that broadly cover sensitive data as well risky behavior across the entire company, as well as specific rules to focus on unique data sets in each geographic location
Direct full Data-at-Rest operations to include remediation of discovered infracting data
Impact You'll Make
What We’ll Bring
TransUnion’s energetic and welcoming environment encourages innovation and collaboration. In addressing dynamic cybersecurity challenges, we empower our people with opportunities to hone current skills while inspiring and supporting creation and attainment of new capabilities.
What You’ll Bring
BS or BA degree preferably in computer or security related field or any combination of equivalent education, experience, and formal training that allows you to meet the requirements of this job
Experience with DLP Policy creation and maintenance in at least Netskope or Symantec DLP
Demonstrated ability to design holistic DLP capability leveraging multiple technologies across endpoints, web traffic, and email
Ample knowledge of technology maintenance requirements for DLP solutions
Strong written and verbal communication skills to represent TransUnion’s DLP capabilities to stakeholders, provide direction to DLP team members, and engage with company employees on DLP escalations
Ability to build strong relationships with business and technology stakeholders, self-motivation, personal drive and high energy are highly valuable for this position
Experience of Hybrid DLP solutions for network, endpoint, and data at rest
Experience utilizing Splunk for data analytics and investigations
Passionate about innovation and enjoys the challenges of creating something new
Stays current with evolving technologies via formal training and self-directed education
Desire and ability to integrate DLP capabilities into a comprehensive Insider Threat program
Any Security related certification(s)
We’d Love to See
Experience operating with multiple CASB platforms, DLP solutions, container technologies, APIs and event-driven automation
SANS SEC460: Threat and Vulnerability Assessment
SANS SEC524: Cloud Security and Risk Fundamentals
SANS SEC545: Cloud Security Architecture and Operations
SANS FOR578: Cyber Threat Intelligence
SANS MGT414: CISSP Certification
Any other DLP related certification, procedure knowledge, experience
Any other Insider Threat related certification, procedure knowledge, experience