Descrição

Cyber Security Threat Investigation

We are seeking skilled individuals to expand our Cyber Security team and provide exceptional service and trusted expertise across our business.

• This role will be part of our Cyber Defence department, where you will investigate Insider Threat and Data Loss Prevention (DLP) cases escalated by our L1 Insider Threat team. Reporting directly to the Global Head of Insider Threat, this position requires someone with strong Microsoft Purview DLP and Insider Risk Management (IRM) analyst experience.
• Performing advanced analysis and investigation of Insider Threat and DLP alerts across various egress channels in on-premise and cloud environments.
• Analyzing event/alert patterns to properly interpret and prioritize threats using available DLP and IRM tools and other data protection devices.
• Identifying trends and driving requirements to improve existing DLP and IRM detection policies.
• Collaborating closely with Cyber Defence teams, including the Global Security Operations Centre, as well as Legal, Privacy and HR teams when necessary, during investigations and incidents.
• Preparing detailed reports on security incidents, investigations, and mitigation efforts.
• Contributing to the fine-tuning of rules across detection tools by highlighting pain points to the Global Head of Insider Threat and Insider Threat Engineering Manager.
• Contributing to the development, improvement, and review of operational documents.