Senior Data Protection Analyst

Description:

One Park Financial (OPF) is a fast-growing FinTech company headquartered in Miami,

Florida. We provide flexible financing solutions to small businesses across the United States.

We are seeking a Senior Data Protection Analyst (DLP) to lead our Data Egress &

Collaboration Security program. This role focuses on preventing unauthorized data

exfiltration, monitoring outbound communications, and ensuring compliance with internal

data protection policies.

The Senior Data Protection Analyst will serve as a key technical authority responsible for

protecting sensitive customer and company data through advanced monitoring,

investigation, and enforcement of Data Loss Prevention policies.

Duties and Responsibilities

• Perform manual and automated inspection of outbound email attachments sent to external domains.
• Design and enforce Data Loss Prevention (DLP) policies within Microsoft Purview and Mimecast.
• Monitor quarantine queues and review outbound communications containing attachments.
• Conduct forensic investigations into potential PII exfiltration incidents.
• Review Spanish-language communications to identify contextual indicators of sensitive data exposure.
• Implement governance rules for outbound messaging platforms including Salesforce SMS.
• Audit identity and administrative activity logs across Okta and Microsoft 365.
• Investigate unauthorized configuration changes or security policy bypass attempts.
• Collaborate with HR and Legal to preserve digital evidence and maintain chain-of custody documentation.

Requirements

• 5–8 years of experience in Infrastructure Security, Digital Forensics, or Data Loss Prevention.
• Advanced experience with Microsoft Purview, Okta Identity Governance, Mimecast, and Exchange Admin Center.
• Experience performing security investigations and forensic analysis.
• Proficiency in Python or Kusto Query Language (KQL).
• Strong understanding of identity governance and insider threat detection.
• Fluent bilingual communication skills in Spanish and English.

Candidate Vetting: Technical Interview Framework – The Gatekeeper Challenge

This role includes a three-stage technical evaluation designed to assess platform mastery,

forensic instincts, and security decision-making authority.

• Stage 1 – Shadow Admin Log Analysis: Candidate analyzes suspicious Okta and Microsoft 365 logs where an admin temporarily removes a compliance group and restores it minutes later. Candidate must identify the security bypass window and propose containment steps.
• Stage 2 – Attachment Forensic Investigation: Candidate reviews a suspicious Excel attachment with abnormal file size and must determine forensic steps such as reviewing hidden sheets, metadata, and potential embedded PII before release.
• Stage 3 – Spanish Context & SMS Security Review: Candidate evaluates a Spanish language email potentially masking sensitive data and proposes detection logic for =similar activity in Salesforce SMS using keywords, regex, or KQL.

Work Schedule

In-office role based in Dallas, Texas.

Monday–Friday standard business hours.

Benefits

• Competitive salary and compensation package
• Health insurance (medical, dental, vision)
• Life insurance
• Paid time off
• Career growth and development opportunities