The BusinessRisk & Control – Data Loss Prevention team is a 1st Line of Defense (LoD)focused on Information Security. Liaison between Information Security Office,IT Security and the Business Control Teams to be in line with the InformationSecurity Framework. 

Responsibilities:

As a member ofthe BRC/DLP team a key focus for the individual will be monitoring externalelectronic communication, provide consolidated DLPEvent Reporting, Incident management – identification, review, escalation andresolution of DLP events, update/revise classification and DLP rules/policiesworking with the Business/Control Teams. Focused on Data Protection whichincludes awareness/training, data classification, secure email, and scanning toidentify information security gaps in unstructured data.

Day to daytriage of Data Protection solution generated reporting and/or centralizedincident logs

Performingongoing tracking of alerts for individuals (repeat offenders, anomalies, issueseverity, significance etc.)

Performingresearch to sort through false positives

Email ForensicMonitoring to detect a violation of policy.

Collectsfindings, identifies root cause, and proposes long‐term solutions which supportbusiness processes

Provide inputon the maintenance and design of DLP rules

Escalateincidents/alerts to Business Unit/Team Leads when necessary.

Performincident response tracking and reporting; incident closures followingresolution

Contribute tothe KPI/KRI Reporting for Risk Committees or other governance activities

Suggestimprovements of Data Protection awareness campaigns and training sessions forvarious employee profiles

Skills:

IndustryBackground: Corporate Banking/Capital Markets – Financial Services

Years ofExperience: 2-3 years in related field; Analyst

Relevant Risk /Functional Experience: Information Security, Data Protection/Loss Prevention,Incident Alert Reporting/Processing, Case Management, Root Cause Analysis,working within SLA timeframes, Executive Management Reporting andCollaboration, Experience with Electronic Investigation, Forensic Tools andMethodologies, Log Correlation.

BehavioralCompetencies: Complex workflow management; Strong interpersonal andcommunication skills, Ability to handle highly sensitive information in a veryprofessional and confidential manner, and with the highest integrity; Problemsolver; Possesses strong organizational and analytical skills; Team player;Self‐motivated and willing to adapt to an evolving work environment; Fosterscooperation, communication and commitment among groups and teams

DLP tools –accustomed to one or more DLP tools such as Microsoft DLP, Symantec, Netskope,Global Relay, Archer, and/or Titus classification tool. Proficiency in MS Word,Excel, and PowerPoint

Certifications:CISM, CISSP, CISA, CIA – Preferred