DLP Specialist

Job Summary :

The Data Loss Prevention (DLP) Specialist is responsible for the design, implementation, monitoring, and management of the organizations Data Loss Prevention program. The ideal candidate will have hands-on experience with DLP tools (e.g., Symantec, Forcepoint, Microsoft Purview, Digital Guardian, etc.), understand data classification methodologies, and possess a strong knowledge of data protection regulations such as GDPR, HIPAA, CCPA, etc.

Key Responsibilities :

DLP Strategy and Implementation :

• Design and implement enterprise-wide DLP policies, workflows, and controls to prevent unauthorized data exposure.
• Assist in selecting and deploying DLP solutions that align with business and security needs.
• Develop and manage DLP deployment and tuning plans in coordination with and Response :
• Monitor DLP alerts and incidents, investigate policy violations, and coordinate incident response.
• Perform forensic analysis and root cause analysis of DLP incidents.
• Work with SOC and threat intelligence teams to correlate DLP alerts with other security and Rule Creation :
• Develop and manage DLP policies for data in motion, data at rest, and data in use.
• Classify sensitive information (e.g., PII, PHI, PCI) using automated and manual processes.
• Continuously refine policies to reduce false positives while maintaining Classification and Protection :
• Implement data classification schemes and enforce tagging across the organization.
• Collaborate with data owners to define sensitivity levels and associated handling Risk, and Compliance :
• Ensure DLP policies support compliance with regulatory and legal requirements (e.g., GDPR, HIPAA, PCI-DSS, SOX).
• Participate in audits and risk assessments related to data protection.
• Prepare reports and metrics for leadership, regulators, and Collaboration :
• Liaise with IT, Legal, HR, Privacy, and Compliance teams to align DLP strategies with organizational objectives.
• Conduct awareness sessions and provide training to employees on DLP policies and Administration & Maintenance :
• Manage and maintain DLP technologies and integrate them with SIEM, CASB, and other security tools.
• Perform upgrades, patches, and system tuning to ensure optimal performance of the DLP Skills & Qualifications :
• Bachelor's degree in Information Security, Computer Science, or related field.
• 3- 7 years of experience in Information Security with at least 2 years focused on DLP.
• Hands-on experience with one or more leading DLP platforms (e.g., Symantec DLP, Microsoft Purview, Forcepoint, Digital Guardian, McAfee, etc.).
• Solid understanding of network protocols, email systems, cloud platforms (e.g., Office 365, AWS, Azure), and endpoint security.
• Knowledge of regulatory requirements (GDPR, HIPAA, CCPA, PCI-DSS, etc.).
• Experience with scripting and automation (PowerShell, Python, Bash) is a plus.
• Strong analytical, problem-solving, and communication skills.
• Relevant certifications preferred (e.g., CISSP, CISM, CEH, GIAC, CompTIA Skills :
• Experience with CASB, SIEM, UEBA, and Insider Threat programs.
• Familiarity with data discovery tools and methods (e.g., Varonis, Spirion).
• Exposure to cloud DLP tools (e.g., Microsoft Defender for Cloud Apps, Netskope, etc.).

(ref : hirist.tech)