Data Loss Prevention Analyst

DLP Analyst

The NITSO Security professional will support day‑ to day information security operations with a strong focus on Data Loss Prevention (DLP) incident monitoring and investigation, risk-based decisioning, and governance ensuring adherence to firm-wide information security, risk, and compliance policies across systems, users, and processes.

Key Responsibilities

- Monitor, review, and investigate DLP alerts and data leakage incidents across systems and email platforms.
- Validate document classification and assess data risk in line with firm policies.
- Engage with users and reporting managers to obtain clarifications, justifications, and supporting evidence.
- Ensure compliance with client, onshore, and firm-wide data security requirements.
- Recommend appropriate remediation actions, warnings, or escalations based on incident severity.
- Maintain accurate documentation, audit trails, and incident records.
- Track incident life-cycle and closure within defined SLA and support management reporting.
- Collaborate with HR, NITSO, Advisory, IT, and Risk/QRM stakeholders to enable effective risk management.
- Follow up on user responses and required information to enable timely incident resolution.

 

 

 

- Support day to day DLP monitoring and investigations by reviewing alerts, validating incidents, and assisting with evidence collection under defined procedures.
- Contribute to timely incident triage and documentation, ensuring cases are accurately logged, tracked, and closed in line with SLAs and governance requirements.
- Assist senior team members in analyzing data classification, user intent, and incident impact to differentiate true violations from false positives.
- Maintain clear and consistent investigation records to support audits, risk reviews, and compliance reporting.
- Support reporting and dashboards by helping track volumes, trends, and recurring issues in DLP incidents.
- Collaborate effectively with cross‑functional teams (security, IT, HR, and business users) by following guidance and escalating issues appropriately.
- Continuously build technical and analytical skills in DLP tools, security monitoring, and incident response processes.
- Strengthen the firm’s data protection posture by identifying trends, recurring risk patterns, and control gaps from DLP incidents, and recommending measurable improvements.

 

Bachelor’s degree in Information Security, Risk Management, IT, or a related discipline, with typically 2–5 years of experience in Information Security, Risk, or Compliance roles.

Experience Level

Mid Level