Data loss prevention senior analyst

Position scope

The Cyber Security Data Protection service is responsible for multiple programs across Ford to enable a securely connected digital business as well as preventing the unauthorized disclosure of the company’s most sensitive data. The service team is responsible for both the Insider Threat program and Data Loss Prevention program to increase our security posture against data loss. The DLP Analyst will be primarily responsible for the maintenance and daily monitoring of the enterprise Data Loss Prevention (DLP) solution. The main duties of the person in this role will include proper care and administration of the Data Loss Prevention (DLP) environments and monitoring and responding to the alerts that generate from the tool. The DLP Analyst will also assist with automating and improving the existing processes, constantly developing and owning new automation solutions and projects.

Background, Experience and Minimum Qualifications

Education: bachelor’s degree or higher, ideally in IT domain

Experience: ideally at least 2 years in a cybersecurity role

Competencies:

• Good understanding of the information security role, full compliance within a global organization.

• Experience with case management tools

• Experience with monitoring alerts is preferable

• Understanding of security practices

• Knowledge with one or more technology areas (e.g. operating systems, network, database, programming/coding, etc.)

• Experience or strong interest with data analysis and collaborative tools

• Experience/knowledge of one or more security domains (Risk Management, Asset Security, Architecture & Engineering, Communication & Network, Identity & Access Management, Assessment & Testing, Operations, Software Development)

• Knowledge or strong interest with one or more of the following: IT Asset Management, Active Directory, HTML

• Proficient in MS Office

• Experience/ willing to work with multicultural, cross-functional and/or multi-regional teams

• Experience with technical analysis for defining the needed specifications to effectively enhance the software systems used by DLP which are meant to fulfill cyber security department requirements.

• Experience with automation tools, programming languages and cloud platforms is a plus.

• Knowledge about performance, scalability, enterprise system architecture, and engineering best practices.

Languages:

• Fluent in English, written and verbal

• Ability to read additional language(s) (e.g. Spanish, Mandarin, Portuguese, French, German, etc.) is a plus

Soft skills

• Strong problem solving, decision making and analytical skill

• Process driven mind-set; can-do, find-a-way attitude

• Ability to work independently, manage work to ensure quality, on-time delivery

• Team player able to work effectively at all levels of an organization

• Demonstrate integrity in a professional environment

• Strong written/oral communication skills (including management collaboration)

• Highly motivated and self-driven

• Excellent interpersonal skills

• Strong leadership skills

Responsibilities specific to the position

• Remediate DLP alerts and perform analysis for triage/escalation

• Analyze and aggregate data loss prevention information to support the enhancement/tuning of existing policies and determine additional controls

• Implement and execute special monitoring requests coming from regional or global stakeholders • Produce automated metrics reports that track and sustain the overall productivity of the team

• Establish and manage relationships with key business customers

• Define, implement and support process and technology improvements related to preventing unauthorized disclosure, modification, removal or destruction of information (e.g. USB block, User Notification, Whitelisting devices/URL programs)

• Maintain, support, assess systems and improve the performance of existing software applications and ticketing tools.

• Constantly seek to develop new automated processes, that reduce the manual work and increase the overall productivity of the team

• Keep detailed records of development processes within Agile tools such as GitHub and Jira

• Knowledge with version control practices (branching, merging, etc.)

• Support the development of technologies and processes; perform trials, testing and quality checks to ensure strong functionality and optimization

• Collaborate with other global development teams and partners to develop new testing scenarios and maintain existing plans

• Monitor data flows to protect the confidentiality and integrity of company, customer and employee data and ensure compliance with organization policies and standards.

• Define new automation systems that demonstrate full and complete understanding of service interdependencies and limitations

• Maintain and develop new security policies based on company or organizational needs

• Collaborate with key stakeholders to finetune and reduce the number of false positive alerts, constantly seeking to improve the accuracy of the DLP policies

• Maintain the confidentiality related to the professional secret and the security of the documents manipulated and administrated by him / her

• Improve existing automation systems that demonstrate full and complete understanding of service interdependencies and limitations.

• Holds the disciplinary, fiscal and penal responsibility, as applicable, for not fulfilling or for the improper fulfilling of the job responsibilities

Our benefits:

• Hybrid working model supporting work-life balance

• Increased vacation plan

• Christmas, Easter, Vacation and March bonus

• Bonuses for special family events

• Transportation allowance

• Car purchasing special programs

• Meal tickets

• Team events

• Bookster

• Fresh fruits in the office

• Discount to gym activities and restaurants

• Mental health care program

• Volunteering programs

• Friendly working space close to metro station