PamTen Inc

Compensation

Full Description

Job Title: Sr DLP Security OperationsLocation: New Hyde Park, NY & Atlanta, GA (hybrid - 3 times per week)Job Type: Contract Job Purpose:The Cybersecurity Operations Analyst DLP is responsible for overseeing all aspects of Data Loss Prevention (DLP) within the organization. This role focuses exclusively on developing and maintaining DLP policies, tuning DLP systems for optimal performance, and continuously monitoring DLP activities to prevent and detect unauthorized data access or transfer. Key Responsibilities:Security Monitoring • Lead the expansion and continuous improvement of Data Loss Prevention (DLP) initiatives across the organization, including international operations, ensuring robust policy enforcement and alignment with regulatory requirements • Work with internal IT teams and external MSSPs for security monitoring of IDS, SIEM, DLP, AV, and Endpoint Security technologies. • Performs security event correlation, triage, and analysis. • Applies Security Threat Intelligence to respond appropriately to security events. • Monitor, investigate, and respond to potential data loss events from both internal and external sources, ensuring swift containment and remediation • Administer, tune, and maintain DLP technologies for on-premise, cloud, SaaS, and endpoint environments to ensure robust policy enforcement • Develop, update, and enforce DLP policies and operational playbooks to address evolving data protection risks and regulatory requirements • Utilize threat intelligence to adapt DLP controls in response to new tactics, techniques, and procedures (TTPs) that target sensitive or regulated data • Review and approve new system deployments to ensure integration with DLP monitoring and compliance requirements • Document DLP incidents, investigations, and remediation steps to support regulatory audits and continuous process improvement • Collaborate with IT and security teams to automate DLP alerts and responses for faster threat mitigation • Provide off-hours support to address urgent DLP incidents and maintain 24/7 data protection coverage Incident Response • Performs incident response and forensic activities for internal and external threats. • Works with internal IT teams, MSSPs, and external Page 3 of 4 forensic services to respond to incidents. • Monitor and review DLP alerts across email, web, endpoint, and cloud. • Identify and prioritize real incidents vs. false positives. • Investigate user activity and data movement related to alerts. • Determine if incidents are accidental, negligent, or malicious. • Escalate high-risk cases to Legal, HR, or Security leadership. • Take action to contain active threats (e.g., disable sharing, isolate devices). • Document all findings, actions, and outcomes in the case tracking system. • Recommend user coaching or awareness training when needed. • Propose improvements to DLP rules to reduce noise and increase accuracy. • Track and report incident trends and metrics (volume, type, resolution time). • Collaborate with IT, Legal, HR, and business units during investigations. • Support audits, compliance checks, and policy updates as needed. Emerging Threats Monitoring • Obtains information and stays up-to-date on the latest threats and security trends in a fast and efficient way to keep the enterprise environment protected. Service Desk and Incident Management • Assists in the investigation and resolution of security issues.