Security Analyst IV – DLP Monitoring & Response
Goodyear, Maricopa County, Arizona, 85338, USA
Listed on 2026-07-18
-
IT/Tech
Cybersecurity, Information Security, Data Security
Job Title
Security Analyst IV – DLP Monitoring & Response
LocationRemote position available across the United States (except Hawaii and Alaska).
About the CompanyCSAA Insurance Group (CSAA IG) is a leading personal insurance provider dedicated to protecting members from life's uncertainties.
Responsibility OverviewAs a Security Analyst IV you will support enterprise Data Loss Prevention (DLP) operations through event monitoring, investigation, triage, and risk assessment across cloud and on‑premises environments.
Key Responsibilities- Monitor, investigate, and triage DLP and data protection alerts across multiple security platforms.
- Analyze events to determine risk, business impact, and appropriate remediation actions; document investigations and findings.
- Escalate high‑risk events per incident response procedures and coordinate with stakeholders.
- Identify potential data exposure, unauthorized sharing, and exfiltration risks; validate alerts and distinguish true positives.
- Support risk‑based prioritization of security events and ensure alignment with corporate security policies and regulatory requirements.
- Partner with Cyber Defense, Security Engineering, IT, Cloud, Privacy, Legal, Compliance and business teams to validate context and support remediation.
- Communicate findings and recommendations to technical and non‑technical audiences.
- Identify recurring trends, policy gaps, and tuning opportunities; support DLP policy optimization, detection improvements, and automation initiatives.
- Contribute to operational playbooks, procedures, and knowledge‑sharing; assist in developing metrics, dashboards, and reporting for leadership.
- Microsoft Purview DLP
- Microsoft Defender for Cloud Apps (MDCA)
- Netskope DLP/CASB
- AWS Macie
- Trellix DLP
- Akamai Wiz
- SIEM and security monitoring platforms (primarily Tines and Splunk)
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field, or equivalent practical experience.
- 7+ years of experience in cybersecurity, security operations, incident response, DLP, CASB, cloud security, or data protection.
- Hands‑on experience investigating and responding to security or DLP alerts in an enterprise environment.
- Experience with one or more DLP/CASB platforms such as Microsoft Purview, MDCA, Netskope, AWS Macie, or Trellix.
- Familiarity with cloud collaboration platforms, data sharing technologies, and SIEM tools.
- Understanding of DLP concepts, data classification, and information protection controls.
- Knowledge of incident response processes and security event investigations.
- Working knowledge of regulatory and compliance requirements such as PCI, GDPR, CCPA, HIPAA, or similar frameworks.
- Proficiency in troubleshooting, documentation, and communication with multiple stakeholders.
- CISSP, CISM, Security+, CEH, Microsoft Security Certifications.
- Netskope Certifications, AWS Security Certifications.
- Experience with SIEM tools such as Splunk or Tines.
- Actively shapes company culture and participates in employee resource groups or volunteering.
- Comfortable with occasional travel for meetings and in‑person collaboration.
- Willing to invest extra time to support business needs and other teams.
CSAA Insurance Group is an equal opportunity employer. This role requires U.S. citizenship or authorized work status; we do not sponsor visas. Applicants with a need for reasonable accommodations may contact Talent Acquisition. The position is open to remote workers across the United States, except Hawaii and Alaska.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).