Job Description & How to Apply Below
The Data Security Analyst supports the day-to-day administration and continuous improvement of the enterprise Data Protection Program, with a primary focus on Microsoft Purview and Crowd Strike Falcon Data Protection. This role assists with implementing, testing, monitoring, and documenting data loss prevention and insider risk controls across endpoint, email, SaaS, and cloud channels. Working in partnership with Cybersecurity, Legal, HR, Privacy, Enterprise IT, and business stakeholders, the analyst helps investigate alerts, maintain policies, and support data protection processes and workflows.
The role provides an opportunity to build hands-on experience with enterprise data protection tools while contributing to the identification, escalation, and resolution of data protection risks and incidents.
Major Responsibilities
Data Protection Platform Support (Purview & Falcon Data Protection)
Support the administration of Microsoft Purview (Data Loss Prevention, Insider Risk Management, Information Protection / sensitivity labels, and Data Lifecycle Management) and the Crowd Strike Falcon Data Protection module. Assist with policy setup, testing, rollout activities, exception tracking, and basic platform health monitoring under the guidance of senior team members. Maintain runbooks, standard operating procedures, and internal documentation to support consistent execution of data protection processes.
DLP Policy Support, Testing & Tuning
Assist with creating, testing, and updating data loss prevention policies across endpoint, email, M365 SaaS, browser, and cloud egress channels. Help translate data classification and regulatory requirements into policy rules using available platform capabilities such as sensitive information types, classifiers, Exact Data Match, and document fingerprinting where appropriate. Participate in test validation, monitor policy results, and help identify false positives, exceptions, and opportunities for improvement.
Insider Risk Monitoring Support
Support the monitoring and maintenance of insider risk policies in Purview Insider Risk Management and complementary detections in Falcon Data Protection. Assist in reviewing potential risk scenarios such as data exfiltration, departing employees, privileged user misuse, and repeated policy violations. Partner with HR, Legal, Privacy, and Employee Relations as needed to support case preparation, documentation, and policy validation while following established privacy and escalation guidelines.
Alert Triage & Investigation Support
Review and triage data protection alerts and tickets generated by Purview and Falcon Data Protection. Gather relevant details, perform initial analysis, document findings, and escalate higher-risk or more complex issues according to defined procedures. Support investigations of suspected data loss, insider misuse, and policy violations by collecting evidence from available tools and helping maintain complete, accurate case records.
Reporting, Metrics & Documentation
Assist with preparing recurring reports and metrics related to DLP and insider risk activity, including alert volumes, investigation status, policy trends, and identified gaps. Help maintain documentation that supports governance activities, audit readiness, and periodic policy reviews.
Stakeholder Coordination & Communication
Work with Cybersecurity, IT teams, system and data owners, HR, Legal, Privacy, and business stakeholders to support data protection activities. Communicate clearly regarding open items, required inputs, documentation needs, and status updates, and participate in working sessions and case reviews as assigned.
Continuous Improvement & Process Support
Contribute to ongoing improvements in the enterprise Data Protection Program by identifying process gaps, recommending refinements, and supporting updates to detection logic, triage workflows, and investigation playbooks. Assist with automation and AI-enabled process improvements that increase efficiency, consistency, and scalability.
Education
Bachelor’s degree in information technology, Cybersecurity, Information Systems, Computer Science, or a related field, or equivalent experience
Work Experience
1 year of experience in information security, cybersecurity operations, IT support, systems administration, compliance, or a related technical field
Exposure to data protection, data loss prevention, Microsoft security technologies, endpoint security, or incident/case management through coursework, lab work, certifications, prior roles, or project experience.
Experience supporting alert review, documentation, reporting, policy administration, or investigation-related activities is preferred.
Experience working with sensitive or confidential information in a professional setting
Experience standing up or scaling an insider risk program, including partnership with HR and Legal on sensitive casework.
Exposure to regulatory frameworks relevant to data protection (e.g., GDPR, SOX, PCI-DSS) and to…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×