Sr Data Protection Analyst - Doha, دولة قطر - The Commercial Bank

وصف

• A DLP (Data Loss Prevention) and Data Classification resource is responsible for implementing and managing data protection measures within the Bank. His primary role is to ensure that sensitive or confidential information is adequately protected from unauthorized access, loss, or leakage.
• DLP Implementation: The resource will be involved in planning, configuring, and deploying DLP solutions across the organization's network, endpoints, and data storage systems. They will work closely with IT teams to ensure seamless integration of DLP technologies.
• Policy Development: The resource needs to collaborate with stakeholders to define data protection policies, guidelines, and best practices. This includes identifying and classifying sensitive data based on its type, importance, and regulatory requirements.
• Data Classification: The resource will develop and implement data classification schemes that categorize information based on its level of sensitivity, confidentiality, and criticality. He will work with business units to ensure consistent and accurate data labeling.
• Risk Assessment: Conducting risk assessments to identify potential vulnerabilities, threats, and risks related to data handling and protection. He should recommend and implement controls and countermeasures to mitigate these risks effectively.
• Incident Response: Monitoring and investigating potential data breaches, security incidents, or policy violations. He will be responsible for analyzing incidents, identifying the root cause, and implementing corrective actions to prevent future occurrences.
• Compliance and Auditing: Collaborating with compliance teams to ensure adherence to industry standards, privacy regulations, and data protection laws. They will assist in conducting regular audits and assessments to evaluate the effectiveness of DLP controls and data classification practices.
• Continuous Improvement: Keeping uptodate with emerging DLP technologies, industry trends, and security best practices. He will evaluate and recommend improvements to existing DLP and data classification strategies to enhance overall data protection capabilities.
• Product knowledge: Should have strong technical knowledge in ForcePoint, Boldon James or Microsoft AIP solution. He should have either similar experience and should have faster adaptive ability to learn the product and implement the same.
• Overall Security knowledge in SIEM (Preferably Splunk), Network security, and EDR solution.
• Should have understanding of MITRE framework.
• Continuous monitoring and review of security events, reports, alerts and CSOC dashboards to identify anomalous patterns indicative of potential security incidents
• Responsible in safeguarding sensitive information, maintaining compliance, and reducing the risk of data breaches or unauthorized disclosures within an organization.
• Responsible for timely and effective response to, and management of, incidents, events, notifications, calls and other activities related to CSOC including Root Cause Analysis
• Gather relevant information and provide actionable intelligence on potential cyber security threats and incidents
• Prepare CSOC reports (for presentation if needed) on daily, weekly and monthly KRIs
• Perform regular health checks on all DLP systems and tools and ensure that all hosts are monitored and required security event logs are being collected
• Take direction and guidance from InfoSec Management to build, support and update the CSOC playbooks/processes
• Render support for the administration and configuration of security controls such as SIEM, Antivirus software, network security devices, PAM, DLP, Vulnerability Management, etc.
• Prepare security awareness messages, presentations and announcements for management, IT staff, and regular users
• Participate in regular cyber drills and CSOC exercises
• Identify and communicate daily all critical items requiring the attention of senior management and coordinate with relevant teams to provide necessary remediation action
• Perform exception reviews, due diligence activities and risk assessment when required
• Facilitate technology audit and control remediation activities to ensure items are closed in a timely manner
• Manage all documentation related to information security incidents
• Resolve technical security queries; research, investigate and provide control recommendations to address risk

• Degree in Computer Engineering / MCA
• Should DLP and other equivalent Cyber Security Certification
• 10 or more years of experience in Cyber Security using SIEM, Endpoints, DLP, Python Scripting, troubleshooting, monitoring and management
• 5 or more years prior work experience in a CSOC environment focused on data protection, classification and analysis

• Good understanding of Information Security principles, accepted practices and