Data Loss Prevention Analyst
QBE The Americas
Primary DetailsTime Type: Full timeWorker Type: EmployeeThe focus of the role is to identify, proactively monitor sensitive data, and prevent unauthorized sensitive information from leaving the QBE networks. This role requires cross-functional coordination with a team of cybersecurity, privacy team, compliance, and data protection analysts under relevant regional regulations and confidentiality requirements.
Primary Responsibilities
• Perform deep-dive event and incident analysis by investigating security-related logs against the following policies:
•PCI (Payment Card Industry)
•PII (Personally Identifiable Information)
•FAN (Financial Account Numbers)
•Exact Data Matching (EDM)
•Zip, Oversize and Confidential file policies
•Perform identification and collection of cyber threats using proactive and reactive event monitoring methods.
•Use various security tools and resources to correlate suspicious events following standard operating procedures to determine the root cause of the event.
•Provide recommendations for enhancement in DLP handling processes and procedures.
•Execute data application assessment, and provide analysis and recommendations to develop policies.
•Proactively analyse threats to QBE’s systems, assets, and business operations and provide recommendations for mitigating controls and/or remediation.
•Work closely with the cybersecurity peers to identify opportunities to improve or enhance the DLP process and technology.
•Support the development and testing of newly created DLP Policies.
Required Education
• Bachelor's Degree or equivalent combination of education and work experience
Preferred Competencies/Skills
• Bachelor’s Degree or higher in an Information Security-related field, Information Technology and/or substantial relevant experience.
•(Preferred but not required) Security certifications in any of the following CompTIA (Security+, CySA+), CEH, CISSP
•Demonstrable understanding of various security frameworks and methodologies such as PCI-DSS, PII, NIST, GDPR.
Preferred Education
• Bachelor's Degree or equivalent combination of education and work experience
Preferred Education Specifics
• Information Security-related field, Information Technology and/or substantial relevant experience.
Preferred Experience
• Experience working with enterprise data protection technologies such as DLP, User and Entity Behavior Analytics (UEBA), and Cloud Access Security Brokers (CASB).
•1-2 years of relevant security experience performing similar duties working in a DLP environment or Security Operations.
•Experience in security event review and triage, preferably related to data protection
•Experience in handling security incidents/events at all levels related to data leaks and data exfiltration.
•Be able to communicate effectively and update senior stakeholders globally.
•Establish & maintain strong relationships with global security operations colleagues and other stakeholders.
•Demonstrated ability to make decisions on remediation and countermeasures.
Preferred Licenses/Certifications
• (Preferred but not required) Security certifications in any of the following CompTIA (Security+, CySA+), CEH, CISSP
Preferred Knowledge
• Demonstrable understanding of various security frameworks and methodologies such as PCI-DSS, PII, NIST, GDPR.
QBE Cultural DNA
• Everything we do at QBE is underpinned by our DNA (which interlinks seven cultural elements) – because we know it's not just what we do that matters, it's how we do it that makes the difference. We expect all employees to role model and inspire the right behaviours that link to our cultural elements:
•We are customer-focused
•We are technical experts
•We are inclusive
•We are fast-paced
•We are courageous
•We are accountable
•We are a team
•All employees are expected to adhere to QBE’s Code of Ethics and Conduct and apply sound risk management practices
US Only - Travel Frequency
• NA
US Only - Disclaimer
• To successfully perform this job, the individual must be able to perform each essential job responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential job responsibilities.
Job Type
• Individual Contributor
Global Disclaimer
• The duties listed in this job description do not limit the assignment of work. They are not to be construed as a complete list of the duties normally to be performed in the position or those occasionally assigned outside an employee’s normal duties. Our Group Code of Ethics and Conduct addresses the responsibilities we all have at QBE to our company, to each other and to our customers, suppliers, communities and governments. It provides clear guidance to help us to make good judgement calls.
Primary Responsibilities
• Perform deep-dive event and incident analysis by investigating security-related logs against the following policies:
•PCI (Payment Card Industry)
•PII (Personally Identifiable Information)
•FAN (Financial Account Numbers)
•Exact Data Matching (EDM)
•Zip, Oversize and Confidential file policies
•Perform identification and collection of cyber threats using proactive and reactive event monitoring methods.
•Use various security tools and resources to correlate suspicious events following standard operating procedures to determine the root cause of the event.
•Provide recommendations for enhancement in DLP handling processes and procedures.
•Execute data application assessment, and provide analysis and recommendations to develop policies.
•Proactively analyse threats to QBE’s systems, assets, and business operations and provide recommendations for mitigating controls and/or remediation.
•Work closely with the cybersecurity peers to identify opportunities to improve or enhance the DLP process and technology.
•Support the development and testing of newly created DLP Policies.
Required Education
• Bachelor's Degree or equivalent combination of education and work experience
Preferred Competencies/Skills
• Bachelor’s Degree or higher in an Information Security-related field, Information Technology and/or substantial relevant experience.
•(Preferred but not required) Security certifications in any of the following CompTIA (Security+, CySA+), CEH, CISSP
•Demonstrable understanding of various security frameworks and methodologies such as PCI-DSS, PII, NIST, GDPR.
Preferred Education
• Bachelor's Degree or equivalent combination of education and work experience
Preferred Education Specifics
• Information Security-related field, Information Technology and/or substantial relevant experience.
Preferred Experience
• Experience working with enterprise data protection technologies such as DLP, User and Entity Behavior Analytics (UEBA), and Cloud Access Security Brokers (CASB).
•1-2 years of relevant security experience performing similar duties working in a DLP environment or Security Operations.
•Experience in security event review and triage, preferably related to data protection
•Experience in handling security incidents/events at all levels related to data leaks and data exfiltration.
•Be able to communicate effectively and update senior stakeholders globally.
•Establish & maintain strong relationships with global security operations colleagues and other stakeholders.
•Demonstrated ability to make decisions on remediation and countermeasures.
Preferred Licenses/Certifications
• (Preferred but not required) Security certifications in any of the following CompTIA (Security+, CySA+), CEH, CISSP
Preferred Knowledge
• Demonstrable understanding of various security frameworks and methodologies such as PCI-DSS, PII, NIST, GDPR.
QBE Cultural DNA
• Everything we do at QBE is underpinned by our DNA (which interlinks seven cultural elements) – because we know it's not just what we do that matters, it's how we do it that makes the difference. We expect all employees to role model and inspire the right behaviours that link to our cultural elements:
•We are customer-focused
•We are technical experts
•We are inclusive
•We are fast-paced
•We are courageous
•We are accountable
•We are a team
•All employees are expected to adhere to QBE’s Code of Ethics and Conduct and apply sound risk management practices
US Only - Travel Frequency
• NA
US Only - Disclaimer
• To successfully perform this job, the individual must be able to perform each essential job responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential job responsibilities.
Job Type
• Individual Contributor
Global Disclaimer
• The duties listed in this job description do not limit the assignment of work. They are not to be construed as a complete list of the duties normally to be performed in the position or those occasionally assigned outside an employee’s normal duties. Our Group Code of Ethics and Conduct addresses the responsibilities we all have at QBE to our company, to each other and to our customers, suppliers, communities and governments. It provides clear guidance to help us to make good judgement calls.
How to Apply:
To submit your application, click "Apply" and follow the step by step process.
Equal Employment Opportunity:
QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.
Confirm your E-mail: Send Email
All Jobs from QBE The Americas