DLP Incident Analyst

Location: United States, Tampa · Salary: 69050.00 - 96350.00 USD / Year · Job Posted February 21, 2026

Job Description

This role is a blend of data analysis and information security operations, focusing on the Data at Rest (DAR) lifecycle. As an analyst on the Data Loss Protection (DLP) team, you will be responsible for identifying, analyzing, and mitigating policy violations related to sensitive data stored on company networks. This position is ideal for a detail-oriented professional with a strong analytical mindset who can effectively manage and report on data security incidents.

Job Responsibility

  • Utilize Data Loss Protection (DLP) tools to perform scans of global shared drives and SharePoint sites to identify sensitive data such as Personally Identifiable Information (PII)
  • Process and manage events triggered by policy violations, working with file owners and business units to ensure proper and timely remediation
  • Monitor risk by analyzing the root cause of security incidents, assessing their impact on the business, and defining required corrective action plans (CAPs)
  • Help consolidate evidence to ensure essential security procedures are being followed
  • Use advanced Microsoft Excel functions (e.g., macros, pivot tables, formulas) to analyze large datasets from security scans, identify trends, and create reports
  • Generate and deliver metrics and reports for internal teams, senior management, and external regulatory entities on an ad-hoc and recurring basis
  • Suggest and help implement improvements to scanning and remediation workflow efficiencies, including the potential use of new technologies
  • Maintain operating standards, procedures, and process control manuals for the DLP operations team
  • Perform ongoing information security awareness and training activities
  • Engage with various teams to gather additional information to bolster operational effectiveness and ensure security targets are being met

Requirements

  • 2+ years of experience in incident management, data processing, or a related information security field
  • An Information Security certification (e.g., CompTIA Security+, CISA, CISM) or the ability to obtain one within 12 months of employment is required
  • Advanced proficiency with Microsoft Excel, including the ability to create macros, pivot tables, and complex formulas for analyzing large datasets, is a big plus
  • Proven analytical skills with the ability to recognize anomalies and trends in data
  • Consistently demonstrates clear and concise written and verbal communication skills
  • Possesses strong situational awareness and an analytical mindset suitable for an operational security role
  • Bachelor's degree or equivalent practical experience

What we offer

  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays

Similar Jobs for DLP Incident Analyst

8 matching positions

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Salary: Not provided
Company: Zeektek
Expiration Date: Until further notice
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program

Senior Data Loss Prevention (DLP) Analyst

The Senior Data Loss Prevention (DLP) Analyst is a subject matter expert respons...
Location: United States, San Jose
Salary: 152000.00 - 180000.00 USD / Year
Company: Archer Aviation
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related fields
  • 3+ years of experience in cybersecurity, with a focus on data loss prevention, insider threat, or data protection
  • Deep technical expertise in DLP solutions (e.g., Microsoft Purview, Cyberhaven, Digital Guardian, Netskope)
  • Experience with data discovery, classification, and protection technologies
  • Strong analytical, investigative, and incident response skills
  • Familiarity with SIEM tools and user behavior analytics (UBA)
  • Excellent written and verbal communication skills
  • Ability to convey technical concepts to non-technical stakeholders
  • Ability to work collaboratively in cross-functional teams and manage multiple priorities
Job Responsibility
  • Design, implement, and maintain enterprise DLP technology solutions across endpoints, servers, cloud, and network environments
  • Act as a subject matter expert for DLP tools (Cyberhaven, Digital Guardian, Case Management)
  • Develop and refine DLP policies and technical architecture diagrams
  • Oversee DLP endpoint agent deployment, configuration, and maintenance
  • Lead data discovery and classification efforts using DLP and information protection tools
  • Collaborate with privacy, engineering, and cybersecurity teams to ensure data is classified and protected
  • Monitor and analyze DLP alerts to detect and respond to potential data loss or exfiltration incidents
  • Investigate and resolve incidents involving the theft or loss of sensitive data
  • Manage insider risk using dedicated tools
  • Tune DLP policies and rules to reduce false positives and enhance detection accuracy
  • Fulltime

Managed Services Operations Specialist

The Managed Services Operations Specialist is a skilled cybersecurity specialist...
Location: Romania, Bucuresti
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • At least 1 year of experience working in an industry standard SOC in security analysis/incident handling and security monitoring
  • Experience or at least knowledge of Cloud technologies (Azure preferred)
  • Experienced in SIEM (Sentinel, Splunk, QRadar, Chronicle, McAfee, CryptoSIM, Logsign etc.) and SOAR products
  • Knowledgeable in security topics such as next gen firewalls (Fortinet, PaloAlto, CheckPoint) and other network security devices and software such as WAF, DLP, anti-virus/anti-malware, threat intelligence, etc.
  • General understanding of attacker tools, tactics and techniques and referencing on MITRE ATT&CK, knowledge of MITRE Shield
  • Familiar with tools for malware analysis, open-source threat Intelligence and SOAR
  • Detail-oriented, problem-solving mindset with critical and analytical thinking
  • Ethical integrity, good at teamwork, responsible and highly motivated
  • Result-oriented, inquisitive, eager to learn new threats, technologies, and security practices
  • Fluent in English to read and interpret global reports and technical articles published in the field of cybersecurity
Job Responsibility
  • Monitor security access and identify security incidents using Security Information and Event Management (SIEM) tools
  • Ensure continuity and availability of the modular platform components and security systems required
  • Perform initial analysis and investigation of security alerts to differentiate false positives from true incidents. This includes understanding attack vectors, malware behavior, and the potential impact of different types of threats
  • Document security incidents and actions taken in response
  • Escalate complex incidents to higher-level SOC threat responders and experts for further analysis and resolution, working in partnership with the L2 Central SOC teams and other SOCs
  • Participate in developing incident response protocols and procedures
What we offer
  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Fulltime

SOC Analyst II

Piper Companies is hiring an SOC Analyst II to support a client in the technolog...
Location: United States, Raleigh
Salary: 105000.00 - 125000.00 USD / Year
Company: Piper Companies
Expiration Date: Until further notice
Requirements
  • Active Secret Clearance
  • Experience as a Tier 2 SOC Analyst supporting incident detection and response
  • Hands-on expertise with Splunk SIEM, AWS environments, and cloud security operations
  • Familiarity with modern security frameworks, threat detection, and investigative methodologies
Job Responsibility
  • Monitor and triage security alerts across SIEM (Splunk), EDR (Defender, Trend Micro), cloud platforms (Wiz, AWS Security Hub, GuardDuty), DLP, and network tools
  • Perform Tier 2 incident investigations, analyzing events to determine impact and required response
  • Support post-incident reviews and enhance detection rules, playbooks, and response processes
  • Contribute to SOC metrics, reporting, and overall operational effectiveness
What we offer
  • Health
  • Vision
  • Dental
  • PTO
  • Paid Holiday
  • Sick Leave if Required by Law
  • Fulltime

Security Analyst

Our client, a leader in sustainable energy solutions, is seeking a proactive Inf...
Location: United Kingdom, London
Salary: Not provided
Company: Mint Selection
Expiration Date: Until further notice
Requirements
  • Hands-on experience with security tools (e.g. SIEM, EDR, vulnerability management, network security tools, query writing and alert tuning)
  • Experience implementing and managing Purview DLP solutions
  • Experience monitoring and responding to security events in cloud environments (Azure)
  • Strong understanding of security operations, threat detection, and incident response
  • Knowledge of security standards and regulatory compliance requirements (ISO, NIST)
  • Experience with third-party risk management and supplier assurance
  • Familiarity with penetration testing processes and remediation tracking
  • Understanding of network security principles, including in cloud-based environments
  • Experience with OT (Operational Technology) and physical security is advantageous
  • Zscaler and Palo Alto/firewall experience beneficial
Job Responsibility
  • Monitor, analyse, and respond to security alerts, logs, and telemetry across SIEM (Microsoft Sentinel), EDR, network and DLP security platforms
  • Support detection and response activities, including incident triage, investigation, and remediation
  • Implement and manage Data Loss Prevention (DLP) controls, including policy configuration, tuning, and incident handling
  • Contribute to the development and maturity of the organisation’s security stack
  • Assist in coordinating penetration testing activities, including scoping, stakeholder engagement, and remediation validation
  • Maintain accurate documentation of incidents, risks, controls, and audit evidence to support governance and compliance
  • Conduct third-party security assessments, including questionnaires and documentation reviews
  • Work closely with external SOC providers and network/security partners
  • Evaluate and onboard new security technologies and tools
  • Support cyber security awareness programmes, tabletop exercises, and resilience planning
  • Fulltime

Senior Security Engineer (DLP)

Shape global data protection strategies and make a massive impact on enterprise ...
Location: Malaysia, Kuala Lumpur
Salary: 7000.00 - 10000.00 MYR / Month
Company: Randstad
Expiration Date: July 02, 2026
Requirements
  • Bachelor Degree
  • Strong hands-on expertise in Microsoft Purview for building and managing enterprise-wide security policies
  • Navigate and secure platforms including Endpoint, Exchange, SharePoint, OneDrive, and Teams
  • Design, deploy, and maintain complex data classification and auto-labeling frameworks
  • Investigate high-level data leakage alerts and troubleshoot complex, escalated security incidents
  • Lead technical initiatives, support compliance benchmarking, and provide actionable technical guidance to security teams
Job Responsibility
  • End-to-End Management: Drive the complete lifecycle of DLP policies across diverse enterprise platforms using Microsoft Purview
  • Proactive Classification: Build and maintain sensitivity labels and auto-labeling rules to guarantee data is secure by design right at creation
  • Advanced Incident Response: Lead investigations for data leakage alerts and serve as the ultimate escalation point for complex operational issues
  • Strategic Optimization: Continuously audit and fine-tune policies to silence the noise of false positives while strictly blocking high-risk data movement
  • Leadership & Development: Spearhead security projects, support compliance audits, and mentor junior analysts on advanced incident handling

Dlp Engineer

Currently, we are looking for an experienced DLP Security Engineer to join the C...
Location: Poland, Warsaw
Salary: Not provided
Company: Cyclad Sp. z o.o.
Expiration Date: Until further notice
Requirements
  • Minimum 5 years of experience in a SOC or Security Engineering environment
  • Strong hands-on experience with Microsoft Purview DLP (M365, Endpoint DLP, Cloud Apps)
  • Solid understanding of DLP concepts, data classification, and data protection strategies
  • Experience with SIEM platforms such as Microsoft Sentinel or Splunk
  • Knowledge of scripting languages such as PowerShell, Python, or KQL
  • Good understanding of network protocols, encryption, and data exfiltration techniques
  • Strong analytical, communication, and problem-solving skills
  • Ability to manage multiple projects and work effectively in a collaborative environment
  • Proactive mindset and passion for cybersecurity and threat mitigation
Job Responsibility
  • Design, develop, and deploy DLP controls across enterprise environments
  • Deploy, configure, and maintain Microsoft Purview / MDCA DLP policies across Microsoft 365, endpoints, and cloud applications
  • Create, optimize, and maintain DLP rules, data profiles, and incident workflows
  • Reduce false positives and improve detection accuracy through continuous tuning and optimization
  • Support data classification, sensitivity labeling, and governance initiatives
  • Develop detection rules, threat-hunting use cases, and response playbooks
  • Assist SOC analysts during investigations, especially in data exfiltration scenarios
  • Integrate Purview, Sentinel, and DLP logs with SIEM and SOC technologies
  • Document operational procedures, tuning guides, and testing plans
  • Collaborate with internal IT, Cloud, and Security teams to ensure adequate data protection coverage
What we offer
  • Private medical care with dental care (covering 70% of costs)
  • Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Work with talented engineers on large-scale, technically challenging projects
  • Fulltime

Cybersecurity Analyst

Our client, a rapidly growing biotechnology company in Montreal, is seeking its ...
Location: Canada, Montréal
Salary: Not provided
Company: Randstad
Expiration Date: July 20, 2026
Requirements
  • 5+ years of hands-on experience in IT security, security operations (SOC), or incident response
  • Strong operational experience with macOS (essential) and/or Linux
  • Excellent command of AWS IAM (roles, permission policies)
  • Solid networking foundation
  • Ability to trace and correlate events across different technology domains
  • You hold the following certifications: CCNA, CCNP (will be considered a major asset)
Job Responsibility
  • Monitor, investigate, and respond to security alerts and incidents (L2 escalation)
  • Manage the full incident lifecycle, from detection to resolution
  • Collaborate closely with the existing external SOC provider to improve service quality, filter background noise, and reduce false positives
  • Operate and configure content filtering, DNS security, VPN, IPS, network threat detection, endpoint protection, DLP, and CASB tools
  • Support and maintain AWS access management (IAM, roles, policies, and application of the principle of least privilege)
  • Ensure the security of the endpoint fleet in a predominantly macOS environment using mobile device management (MDM) tools
  • Actively contribute to raising the cybersecurity maturity level
  • Build the governance and operational frameworks (the NIST structure is already in place)
  • Actively participate in the project to ensure compliance with Law 25, then lead the initiatives towards ISO 27001 certification
  • Develop and deliver safety training programs for internal users
What we offer
  • A cutting-edge work environment (cloud-native, Mac-first)
  • The opportunity to have a direct impact on a company's security and infrastructure
  • A competitive salary
  • Flexible remote work options
  • Fulltime