Lead Dlp(Data Loss Prevention) Engineer

Job Description

Overview

The Senior DLP Analyst will be part of Our Company's Data Loss Prevention (DLP) Operations team. As a subject matter expert, the Senior DLP Analyst will design, implement, and maintain Our Company's DLP technology stack, focusing on the effective management of Microsoft Purview for data discovery and classification, DLP, Insider Risk and Data at rest scanning capabilities. This role requires collaboration with cross-functional teams of cyber, privacy, engineering, and data protection analysts to protect data in accordance with geographical regulations, contractual commitments, and confidentiality requirements. The Senior DLP Analyst will play a critical role in developing and deploying DLP solutions, ensuring data protection, and managing Insider Risk using the Microsoft Insider Risk Management solution.

Responsibilities

• Design, implement, and maintain Data Loss Prevention (DLP) technology solutions to protect Our Company data across servers, endpoints, and cloud environments.

• Design, maintain, and oversee technical architecture diagrams to support the DLP landscape.

• Configure and deploy infrastructure as needed to meet DLP program goals.

• Interface with colleagues to ensure proper maintenance of DLP infrastructure.

• Design and configure DLP endpoint agent software packages.

• Create new DLP policies and tune existing policies to reduce False Positives.

• Act as a subject matter expert in Microsoft Purview for data discovery and classification.

• Utilize Microsoft Information Protection (MIP) and Azure Information Protection (AIP) to effectively protect and classify data.

• Manage Insider Risk Management using the Microsoft Insider Risk Management solution to mitigate internal threats.

• Collaborate with key stakeholders to develop, deploy, and operate effective DLP solutions.

• Investigate and resolve incidents involving theft or loss of consumer data, employee data, business-sensitive data, and intellectual property.

• Create and maintain technical documentation.

• Stay up to date with the latest industry trends and best practices in data Loss Prevention, MIP/AIP, and Insider Risk Management.

Required Skills and Experience:

• 4+ years of industry experience in Information Security, Network Security, or Cyber Security roles.

• 1+ years additionally as a Network Admin, System Admin, Cloud Admin, or similar is strongly preferred.

• Deep technical competency in the following areas:
• End Point: Data Loss Prevention (DLP), Endpoint Detection and Response (EDR).SaaS: Collaboration tools including O365, Workday, etc.

• Experience and subject matter expertise in Microsoft Purview for data discovery and classification.

• Strong understanding of Microsoft Information Protection (MIP) and Azure Information Protection (AIP) for data protection and classification.

• Proficient in managing Insider Risk Management using Microsoft Insider Risk Management solution.

• Experience working in a Security Operation Center (SOC), security incident response teams, or roles involving security forensics.

• Analyze log and system data from the above list and other IT systems.

• Great writing and speaking skills.

• A positive "can-do" attitude.

• A willingness to learn and continuous self-improvement.

Minimum Qualifications:

• Bachelor's Degree or industry-equivalent work experience in cybersecurity, security architecture, and/or engineering in a converged security program.

• 3+ years of experience with designing, deploying, and maintaining a large-scale DLP program.

• Experience working with enterprise data protection technologies such as DLP (Emai, Endpoint and Network), User Behavior Analytics (UBA), Cloud Access Security Brokers (CASB), and O365 Environment.

• Ability to effectively communicate the business value of the DLP program, MIP/AIP, and Insider Risk Management to executive stakeholders.

• Ability to work as a member of a cross-functional team focused on aligning and supporting the organization's security goals.

• Ability to quickly assimilate new knowledge and remain current on new developments in cybersecurity capabilities, Microsoft Purview, MIP/AIP, and Insider Risk Management.

Sources

• Our Company Careers: https://www.Our Company.com/careers/

NOTICEFORINTERNALAPPLICANTS

In accordance with Managers' Policy - Job Posting and Employee Placement, all employees subject to this policy are required to have a minimum of twelve (12) months of service in current position prior to applying for open positions.

If you have been offered a separation benefits package, but have not yet reached your separation date and are offered a position within the salary and geographical parameters as set forth in the Summary Plan Description (SPD) of your separationpackage, then you are no longer eligible for your separation benefits package. To discuss in more detail, please contact your HRBP or Talent Acquisition Advisor.

Employees working in roles that the Company determines require routine collaboration with external stakeholders, such as customer-facing commercial, or research-based roles, will be expected to comply not only with Company policy but also with policies established by such external stakeholders (for example, a requirement to be vaccinated against COVID-19 in order to access a facility or meet with stakeholders). Please understand that, as permitted by applicable law, if you have not been vaccinated against COVID-19 and an essential function of your job is to call on external stakeholders who require vaccination to enter their premises or engage in face-to-face meetings, then your employment may pose an undue burden to business operations, in which case you may not be offered employment, or your employment could be terminated. Please also note that, where permitted by applicable law, the Company reserves the right to require COVID-19 vaccinations for positions, such as in Global Employee Health, where the Company determines in its discretion that the nature of the role presents an increased risk of disease transmission.

Current Employees apply HERE

Current Contingent Workers apply HERE

US and Puerto Rico Residents Only:

Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.

We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics. For more information about personal rights under the U.S. Equal Opportunity Employment laws, visit:

EEOC Know Your Rights

EEOC GINA Supplement

Pay Transparency Nondiscrimination

We are proud to be a company that embraces the value of bringing diverse, talented, and committed people together. The fastest way to breakthrough innovation is when diverse ideas come together in an inclusive environment. We encourage our colleagues to respectfully challenge one another’s thinking and approach problems collectively.

Learn more about your rights, including under California, Colorado and other US State Acts

U.S. Hybrid Work Model

Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, generally Tuesday, Wednesday and either Monday or Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, field-based positions; facility-based, manufacturing-based, or research-based positions where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance also does not apply to roles that have been designated as “remote”.

Under New York State, Colorado State, Washington State, and California State law, the Company is required to provide a reasonable estimate of the salary range for this job. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate’s relevant skills, experience, and education.

Expected salary range:

$111,400.00 - $175,300.00

Available benefits include bonus eligibility, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days. For Washington State Jobs, a summary of benefits is listed here.

Search Firm Representatives Please Read Carefully
Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.

Employee Status:

Regular

Relocation:

No relocation

VISA Sponsorship:

No

Travel Requirements:

10%

Flexible Work Arrangements:

Hybrid

Shift:

Not Indicated

Valid Driving License:

No

Hazardous Material(s):

na

Requisition ID:R281592