DLP Incident Analyst

Citi

Location:
United States, Tampa

Contract Type:
Not provided

Salary:

69050.00 - 96350.00 USD / Year

Job Description:

This role is a blend of data analysis and information security operations, focusing on the Data at Rest (DAR) lifecycle. As an analyst on the Data Loss Protection (DLP) team, you will be responsible for identifying, analyzing, and mitigating policy violations related to sensitive data stored on company networks. This position is ideal for a detail-oriented professional with a strong analytical mindset who can effectively manage and report on data security incidents.

Job Responsibility:

  • Utilize Data Loss Protection (DLP) tools to perform scans of global shared drives and SharePoint sites to identify sensitive data such as Personally Identifiable Information (PII)
  • Process and manage events triggered by policy violations, working with file owners and business units to ensure proper and timely remediation
  • Monitor risk by analyzing the root cause of security incidents, assessing their impact on the business, and defining required corrective action plans (CAPs)
  • Help consolidate evidence to ensure essential security procedures are being followed
  • Use advanced Microsoft Excel functions (e.g., macros, pivot tables, formulas) to analyze large datasets from security scans, identify trends, and create reports
  • Generate and deliver metrics and reports for internal teams, senior management, and external regulatory entities on an ad-hoc and recurring basis
  • Suggest and help implement improvements to scanning and remediation workflow efficiencies, including the potential use of new technologies
  • Maintain operating standards, procedures, and process control manuals for the DLP operations team
  • Perform ongoing information security awareness and training activities
  • Engage with various teams to gather additional information to bolster operational effectiveness and ensure security targets are being met

Requirements:

  • 2+ years of experience in an incident management, data processing, or a related information security field
  • An Information Security certification (e.g., CompTIA Security+, CISA, CISM) or the ability to obtain one within 12 months of employment is required
  • Advanced proficiency with Microsoft Excel, including the ability to create macros, pivot tables, and complex formulas for analyzing large datasets, is a big plus
  • Proven analytical skills with the ability to recognize anomalies and trends in data
  • Consistently demonstrates clear and concise written and verbal communication skills
  • Possesses strong situational awareness and an analytical mindset suitable for an operational security role
  • Bachelor's degree or equivalent practical experience
What we offer:
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for DLP Incident Analyst

Security Analyst

The Security Analyst plays a key role in protecting our organization by detectin...
Location:
United States, St. Louis
Salary:
Not provided
Cyera
Expiration Date:
Until further notice
Requirements:
  • 2–4 years of experience in security operations, incident response, or threat detection
  • Familiarity with SIEM, EDR, and related security tools (e.g., Splunk, Sentinel, CrowdStrike, etc.)
  • Understanding of IAM, cloud platforms (AWS, GCP, Azure), and basic network security principles
  • Strong analytical and problem-solving skills, with attention to detail and documentation
  • Excellent communication and teamwork skills
Job Responsibility:
  • Triage incoming security alerts and requests, ensuring timely communication and resolution in coordination with internal stakeholders
  • Conduct first-line investigations using data from SIEM queries, IAM logs, and endpoint/cloud telemetry
  • Execute approved containment and remediation actions (e.g., disabling user accounts, revoking tokens, quarantining assets)
  • Collaborate closely with IT, Security Engineering, and MSSP partners to escalate and resolve complex incidents
  • Document investigation steps, outcomes, and lessons learned for future reference and process improvement
  • Utilize security tools such as SIEM, DLP, EDR, and DSPM platforms to validate alerts, uncover misconfigurations, and identify potential threats
  • Tune detection rules and contribute to continuous improvement of alert quality, reducing false positives
  • Monitor threat intelligence feeds to identify new vulnerabilities and recommend practical mitigation strategies
  • Partner with engineering teams to enhance visibility and strengthen detection coverage across systems and environments
  • Draft, maintain, and refine SOPs and runbooks for recurring alerts and incident types
What we offer:
  • Ability to work remotely, with office setup reimbursement
  • Competitive salary
  • Unlimited PTO
  • Paid holidays and sick time
  • Health, vision, and dental insurance
  • Life, short and long-term disability insurance
  • Fulltime

Cybersecurity Analyst

We are seeking a Cybersecurity Analyst to strengthen our security posture and pr...
Location:
United States, Fort Lauderdale
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or a related field
  • 3-5 years of experience in cybersecurity operations, threat analysis, or incident response
  • At least one industry certification (e.g., CompTIA Security+, CEH, CISSP, CISM, OSCP)
  • Hands-on experience with cybersecurity tools (e.g., Splunk, CrowdStrike, SentinelOne, Rapid7, Palo Alto, Tenable, Wireshark)
  • Strong knowledge of firewalls, proxies, encryption, DLP, SIEM, EDR, XDR, IDS/IPS
  • Experience with cloud security (AWS, Azure, or Google Cloud)
  • Familiarity with secure coding practices, DevSecOps, and CI/CD security
  • Understanding of threat modeling, MITRE ATT&CK, cyber kill chain, and risk management
  • Strong analytical and problem-solving skills
  • Excellent verbal and written communication skills, with the ability to present security-related topics to non-technical stakeholders.
Job Responsibility:
  • Monitor and analyze security alerts from various tools such as SIEM, EDR, XDR, and IDS/IPS
  • Conduct threat intelligence analysis and proactive threat hunting
  • Investigate and respond to cybersecurity incidents, breaches, and vulnerabilities
  • Perform risk assessments, vulnerability scans, and penetration testing to identify security gaps
  • Work with IT and development teams to implement security controls and enhance system defenses
  • Develop and enforce security policies, procedures, and incident response plans
  • Conduct digital forensics and root cause analysis for security incidents
  • Stay up to date with emerging cyber threats, attack techniques, and security technologies
  • Ensure compliance with industry security frameworks (e.g., NIST, ISO 27001, CIS, PCI-DSS, GDPR, HIPAA)
  • Assist in security awareness training and company-wide security initiatives
What we offer:
  • Access to top jobs
  • competitive compensation and benefits
  • free online training
  • medical, vision, dental, and life and disability insurance
  • eligibility to enroll in company 401(k) plan.
  • Fulltime

Cyber Security Soc Analyst

The SOC Analyst (L1/L2) and Lead are responsible for proactive monitoring, detec...
Location:
India, Chennai
Salary:
Not provided
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • Strong knowledge of SIEM platforms and alert investigation
  • Advanced incident response, malware analysis, and RCA expertise
  • Deep knowledge of endpoint and network security tools
  • Threat hunting and forensic investigation capabilities
  • Familiarity with vulnerability management and DLP/email security
  • Experience with threat intelligence platforms and TTP mapping
  • Strong analytical, communication, and documentation skills
  • Guide development of SOC procedures/runbooks and continuous improvement initiatives
  • Administer DLP and email security systems
  • Operate Microsoft Defender for Endpoint, conduct threat hunting via EDR telemetry and memory dumps
Job Responsibility:
  • Proactive monitoring, detection, investigation, and response to security threats using industry-leading solutions
  • Guide and architect SOC workflows and systems to ensure robust organizational security
  • Threat hunting and forensic investigation
  • Administer DLP and email security systems
  • Operate Microsoft Defender for Endpoint, conduct threat hunting via EDR telemetry and memory dumps
  • Use, configure, and optimize SIEM tools (Splunk, IBM QRadar, Microsoft Sentinel, LogRhythm, ArcSight, Elastic SIEM) for threat identification and alert management
  • Guide development of SOC procedures/runbooks and continuous improvement initiatives
  • Leadership and team management
What we offer:
  • Inclusive and respectful work environment
  • Positions open to people with disabilities
  • Fulltime

Security Analyst

Location:
United States, North Quincy
Salary:
140000.00 USD / Year
Realign
Expiration Date:
Until further notice
Requirements:
  • Strong hands‑on experience with the Proofpoint DLP platform, including OCR, EDM, and IDM configuration
  • Proven background in policy development, content inspection methods, and DLP tuning
  • Experience creating operational processes such as SOPs, incident workflows, and reporting structures
  • Solid understanding of incident response, alert handling, and data protection concepts
  • Familiarity with regulatory and data classification requirements (e.g., PII, PCI, PHI)
  • Strong communication skills and the ability to work with cross‑functional stakeholders
Job Responsibility:
  • Deploy, configure, and operationalize Proofpoint platform capabilities including OCR, EDM, and IDM
  • Develop, tune, and maintain DLP policies, rule sets, and reporting dashboards
  • Create and maintain SOPs, runbooks, and triage workflows for DLP operations
  • Perform alert triage and incident remediation, including investigation, user outreach, and documentation
  • Monitor platform performance, perform tuning cycles, and reduce false positives through continuous optimization
  • Collaborate with Security Operations, Compliance, and Legal teams during incident investigations and policy updates
  • Fulltime

SOC Insider Threat Lead Analyst

SOC Insider Threat Lead Analyst position at Citi, responsible for monitoring, re...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 6+ years working in the security & operations fields
  • Bachelor's degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
  • Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies
  • Ability to read and understand packet level data
  • Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
  • Certifications from EC-Council, GIAC, or (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]
  • Good communication skills with the ability to articulate clearly in high stress situations
  • Skills and proficiency with MS PowerPoint, Excel, Access or other analytical tools
Job Responsibility:
  • Perform monitoring, research, assessment and analysis on alerts from various security tools
  • Recommend and review new use cases for insider threat monitoring
  • Follow pre-defined actions to investigate security incidents or perform incident response actions
  • Execute daily ad hoc tasks or lead projects as needed
  • Participate in or lead daily and ad-hoc conference calls
  • Create, update or provide process documentation, or provide requested evidence for compliance & controls requests
  • Fulltime

Systems Administrator, Data Loss Prevention

We are seeking a skilled and highly motivated Systems Administrator to join our ...
Location:
Hungary, Budapest
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 5+ years proven experience as a Systems Administrator with a strong understanding of operating systems, networking, and security principles
  • Hands-on experience with DLP solutions, preferably experience with Citi's chosen DLP product
  • Familiarity with ITIL processes, change management, and incident management best practices
  • Fluency in English
  • Strong troubleshooting and problem-solving skills, with the ability to analyze and resolve complex technical issues
  • Excellent communication and collaboration skills, with the ability to work effectively with both technical and non-technical stakeholders
  • Bachelor's degree in Computer Science, Information Technology, or a related field is preferred
Job Responsibility:
  • Manage and maintain the DLP servers and infrastructure, including operating systems, applications, and databases
  • Perform regular system health checks, performance monitoring, and capacity planning to ensure optimal system performance and availability
  • Implement and manage change controls, following established ITIL processes to minimize service disruptions and maintain system integrity
  • Proactively identify and remediate system vulnerabilities, working closely with security teams to address potential threats and maintain a secure DLP environment
  • Provide first-line support for DLP-related issues, troubleshooting incidents, and escalating to third-line support when necessary
  • Collaborate with third-line support teams to resolve critical issues, implement bug fixes, and apply system patches
  • Assist in the deployment and configuration of DLP policies, working closely with security analysts to enforce data protection measures and prevent data leakage
  • Stay abreast of emerging DLP technologies, industry best practices, and evolving security threats to enhance the effectiveness of the DLP program
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime

Senior Data Loss Prevention (DLP) Analyst

The Senior Data Loss Prevention (DLP) Analyst is a subject matter expert respons...
Location:
United States, San Jose
Salary:
152000.00 - 180000.00 USD / Year
Archer Aviation
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related fields
  • 3+ years of experience in cybersecurity, with a focus on data loss prevention, insider threat, or data protection
  • Deep technical expertise in DLP solutions (e.g., Microsoft Purview, Cyberhaven, Digital Guardian, Netskope)
  • Experience with data discovery, classification, and protection technologies
  • Strong analytical, investigative, and incident response skills
  • Familiarity with SIEM tools and user behavior analytics (UBA)
  • Excellent written and verbal communication skills
  • ability to convey technical concepts to non-technical stakeholders
  • Ability to work collaboratively in cross-functional teams and manage multiple priorities
Job Responsibility:
  • Design, implement, and maintain enterprise DLP technology solutions across endpoints, servers, cloud, and network environments
  • Act as a subject matter expert for DLP tools (Cyberhaven, Digital Guardian, Case Management)
  • Develop and refine DLP policies and technical architecture diagrams
  • Oversee DLP endpoint agent deployment, configuration, and maintenance
  • Lead data discovery and classification efforts using DLP and information protection tools
  • Collaborate with privacy, engineering, and cybersecurity teams to ensure data is classified and protected
  • Monitor and analyze DLP alerts to detect and respond to potential data loss or exfiltration incidents
  • Investigate and resolve incidents involving the theft or loss of sensitive data
  • Manage insider risk using dedicated tools
  • Tune DLP policies and rules to reduce false positives and enhance detection accuracy
  • Fulltime

Insider Threat Analyst

At Schwab, you’re empowered to make an impact on your career. Here, innovative t...
Location:
United States, Orlando, FL; Phoenix, AZ
Salary:
98000.00 - 106000.00 USD / Year
Charles Schwab
Expiration Date:
May 11, 2026
Requirements:
  • Understanding of computer networking concepts, communication protocols, primary threat actor attack methods and tools
  • Competent in collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources, documenting results, and analyzing findings to provide viable threat intelligence
  • Ability to understand and learn technical specifications, system requirements and other application design information as needed
  • Detail-oriented person who is passionate about quality and is enthusiastic about innovative technology offerings
  • Strong verbal and written communication skills and you are comfortable composing briefs and assessments for leadership
  • Familiar with analytical programming languages such as SQL
  • Ability to thrive in ambiguity and rapid change
  • Comfortable with process flow diagrams
  • Familiar with applying Agile Methods
  • Basic understanding of a variety of security and compliance policies and incident response processes
Job Responsibility:
  • Support and analyze threat detection for the Cybersecurity Defense Insider Threat program
  • Work with a team of analysts in the identification and development of new processes and techniques to analyze information with the goal of detecting risks and gaps in the areas of people, processes, and technology
  • Utilize understanding of Insider Threat principles to identify trends and patterns which can assist in the development of new detection rules and models
What we offer:
  • 401(k) with company match and Employee stock purchase plan
  • Paid time for vacation, volunteering, and 28-day sabbatical after every 5 years of service for eligible positions
  • Paid parental leave and family building benefits
  • Tuition reimbursement
  • Health, dental, and vision insurance
  • Fulltime