返回查询:DLP Incident / 南京市
  • DLP Data Leakage Prevention, SOC, Symantec, McFee, Qualys, Forcepoint,
  • Top Finance Group in Europe
  • Global SSC center setup

DLP Incident Investigation Analyst
Client:
World Famous Financial Banking Group

Location:
Nanjing, Jiangsu

BU:
China IT & Operation Hub

Position Purpose

  • The DLP Senior Incident Investigation Analyst reports to the APAC DLP Investigation & Remediation Lead and has strong IT Security knowledge in different areas.
  • The role focuses on remediating alerts and incidents raised by different IT Security controls.

Responsibilities:
Direct responsibilities of the DLP Senior Incident Investigation Analyst

  • Directly process various types of data breach incidents, collect evidence and coordinate every aspect of investigations using all available information sources
  • While processing alerts and incidents, coordinate the work of remediation stakeholders
  • Collect findings, identify root cause, and propose long‐term solutions which support business processes
  • Liaise with IT support teams to gather additional evidence and access necessary data
  • Prepare incident documentation ﴾notifications, assessments, reports, post‐mortem, etc.﴿
  • Escalate issues in an effective manner and resolve them with managers and the rest of the team
  • Work towards the established internal OLA and the SLA agreed with business stakeholders
  • Gain an understanding of sensitive data within the organization, business processes, data life cycles, and data privacy requirements from business and regulatory perspectives

Contributions Of The DLP Senior Incident Investigation Analyst

  • Proactively suggest new use cases based on investigation results and user behavior analysis.
  • Provide input to the Requirement Manager on the maintenance and design of DLP rules
  • Suggest improvements of awareness campaigns, design and deliver training sessions, workshops, for the various employee profiles
  • Assist in designing and producing customized DLP reports, and contribute to the preparation of KPI and KRI for internal use and for management dashboards
  • Partner with the Cyber Security team on monitoring and investigation
  • Collaborate with other control teams such as Compliance Surveillance and Conduct in performing misconduct investigation with Data Leakage elements
  • Contribute to maintaining a reputation of excellence and professionalism vis a vis all senior management
  • Actively contribute to Operational Permanent Control. Improve operational risk management, execute first‐level controls and partner with IT OPC for second‐level validation

Technical & Behavioral Competencies
Essential Skills

  • Understanding of data protection challenges within a large organization
  • Experience with Data Leakage Prevention, evidence gathering and analysis, and forensic investigations
  • Prior exposure to IT Security
  • At ease with engaging very various stakeholders for the purpose of assessing and remediating incidents

Useful skills

  • Familiar with regulatory requirements on data privacy and data protection
  • Experience in an audit or a compliance role is a plus

Behavioral competencies

  • Excellent interpersonal and communication skills
  • Ability to propose innovative ideas and solutions
  • Values and demonstrates integrity
  • Possesses strong organizational and analytical skills
  • Team player
  • Takes initiative and is results driven
  • Ability to manage change and complexity with confidence
  • Client focused and commercial thinking
  • Self-motivated and willing to adapt to a new work environment
  • Fosters cooperation, communication and commitment among groups and teams
  • Anticipates and resolves conflicts and removes barriers to success

Specific Qualifications (if Required)
Minimum 1+ years of experience in the following areas:

  • Large organization(s), preferably international banking
  • Handling of security incidents analysis / investigations
  • Handling of misconduct or fraud investigations
  • Technology, tools, policies, and standards related to data protection and data breach incident response
  • Electronic investigation, forensic tools and methodologies, including log correlation and analysis, forensically handling electronic data, and computer security investigative processes
  • Legal and regulatory aspects surrounding electronic discovery and analysis

Behavioral Skills

  • Communication skills - oral & written
  • Attention to detail / rigor
  • Ability to collaborate / Teamwork
  • Critical thinking
  • Analytical Ability
  • Ability to manage / facilitate a meeting, seminar, committee, training…
  • Ability to set up relevant performance indicators
  • Ability to understand, explain and support change
  • Ability to develop and leverage networks

Education Level: Bachelor Degree or equivalent, major in Computer Science, Information Systems, Engineering or a related field

Experience Level: Junior, 1-4 years of related experiences

Languages

  • Excellent level in verbal and written English and Mandarin is essential
  • Knowledge of French or Cantonese is a plus

Certifications: CISSP, CISM or CISA preferred

去原网站上申请