Cybersecurity Operations Analyst - DLP

Cybersecurity Operations Analyst – DLP

Job Purpose
The Cybersecurity Operations Analyst – DLP is responsible for leading and managing all aspects of the Data Loss Prevention (DLP) program. This role ensures the continuous development, tuning, and monitoring of DLP policies and technologies to prevent unauthorized data access or transfer across all organizational systems.

Key Responsibilities
Security Monitoring

• Lead and enhance DLP initiatives organization-wide, including global operations.
• Monitor, investigate, and respond to internal and external potential data loss events.
• Administer and tune DLP technologies across on-premise, cloud, SaaS, and endpoint environments.
• Develop and enforce DLP policies and operational playbooks.
• Integrate threat intelligence to evolve DLP controls against emerging TTPs.
• Review new system deployments to ensure DLP compliance.
• Maintain documentation for incidents and investigations to support audits and improvements.
• Collaborate with IT and security teams to automate alerts and responses.
• Provide after-hours support as needed to maintain 24/7 coverage.

• Monitor DLP alerts across email, web, cloud, and endpoint.
• Triage and prioritize true positives versus false positives.
• Investigate user behavior and data movement.
• Classify incidents (accidental, negligent, malicious).
• Escalate critical issues to Legal, HR, or Security leadership.
• Contain threats (e.g., isolate devices, disable sharing).
• Document all actions and outcomes.
• Recommend coaching or user training.
• Improve DLP rule accuracy.
• Track and report incident metrics.
• Collaborate across departments during investigations.
• Support compliance checks and audits.

• Stay current with threat intelligence and cybersecurity trends.

• Support investigations and resolution of cybersecurity incidents.

• Focus on Customers – Put internal/external customer needs at the forefront of decisions and actions.
• Drive Results – Set and pursue high performance standards.
• Develop Self and Others – Continuously improve knowledge and abilities.
• Champion Change – Embrace innovation and support change initiatives.
• Value Others – Act with integrity, inclusiveness, and respect.
• Build Relationships – Collaborate and build strong working relationships.

• Bachelor's in Computer Science, Information Security, or related field (or equivalent experience).
• Practical experience in security operations (Monitoring, IR, Network Security).
• Familiarity with data classification and regulatory standards (e.g., PII, PCI, HIPAA, GDPR).
• Hands-on experience with DLP platforms such as:
  • Symantec DLP
  • Microsoft Purview
  • Zscaler DLP
  • Forcepoint, McAfee, Digital Client

• Working knowledge of:
  • Firewalls, VPNs, IDS
  • Endpoint Detection & Response (EDR)
  • Antivirus, Secure Web Gateway/Proxy
  • SIEM tools and event correlation
• Understanding of compliance frameworks: SOX, CCPA, PCI-DSS

• Endpoint DLP
• Network DLP
• Cloud Data Protection
• Policy Development & Tuning
• Insider Threat Detection

• 
  No C2C” (Corp-to-Corp)

• “W2 candidates only”

• “Direct applicants only”

• “No recruiters or agencies please”

Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.

Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.