Security Consultant - Data Security L3

Full Time 1 month ago
Employment Information

Key Responsibilities

DLP (Data Loss Prevention) Engineering:

  • Serve as the primary owner and administrator for the enterprise DLP platform, Trellix. This includes, but is not limited to, health checks, updates, and capacity and availability management.
  • Architect, deploy, and maintain DLP agents and policies across endpoints, network, and cloud (SaaS, IaaS) channels.
  • Perform data flow analysis (DFA) and develop and fine-tune DLP policies to accurately detect and prevent the exfiltration of sensitive data (e.g., PII, PCI, PHI, Intellectual Property) while minimizing false positives.
  • Investigate and respond to DLP alerts, leading the incident response process for potential data exfiltration events.
  • Integrate DLP with other security systems (SIEM, SOAR, Email Security) for automated ticketing and enriched investigation.
  • Handle reporting and dashboarding, along with DLP configuration management, policy changes, and reviews.

DAM (Database Activity Monitoring) Engineering:

  • Manage the DAM platform (IBM Guardium), including administration and access management, and monitor, capture, and analyze all database activity in near real time.
  • Deploy and maintain DAM sensors and agents across diverse database environments (e.g., Oracle, SQL Server, MySQL, AWS RDS, Azure SQL).
  • Create and optimize DAM policies to alert on suspicious activities (e.g., involving PII and financial data), privileged user misuse, and potential data breaches, based on the MITRE ATT&CK framework.
  • Conduct forensic analysis on database events to support incident investigations and compliance audits.
  • Ensure the integrity and performance of the DAM infrastructure.
  • Create, review, and submit monitoring reports; handle configuration management; and share audit logs during internal and external audits.
  • Conduct data access reviews, anomaly detection, and database risk review reporting.
  • Deliver daily, weekly, and monthly scheduled reports and on-demand out-of-the-box reporting.
  • Interface with the DBA team for testing and troubleshooting DAM controls.

Program Management & Optimization:

  • Continuously assess the effectiveness of DLP and DAM controls and recommend improvements.
  • Develop and maintain detailed documentation of architectures, policies, procedures, and workflows.
  • Stay current with emerging data security threats, technologies, and best practices.
  • Manage the lifecycle of the DLP and DAM tools, including vendor management, licensing, and upgrade planning.

Collaboration & Compliance:

  • Work closely with internal teams to ensure DLP/DAM controls meet regulatory requirements.
  • Partner with IT, DevOps, and database administrators to ensure seamless deployment and minimize business disruption.
  • Mentor junior analysts and serve as an escalation point for complex data security incidents.
  • Generate and present metrics and reports on data protection program effectiveness to leadership.

Required education

Bachelor's Degree

Preferred education

Master's Degree

Required technical and professional expertise

Required Qualifications & Experience

  • 5+ years of experience in cybersecurity, with at least 3 years of hands-on, dedicated experience managing both DLP and DAM platforms.
  • Proven experience in deploying, configuring, and tuning a major enterprise DLP solution.
  • Proven experience in deploying, configuring, and tuning a major DAM solution, including the management of sensors and database activity policies.
  • Strong understanding of data classification frameworks and regulatory requirements.
  • Good knowledge of database structures, SQL queries, and common database platforms.
  • Practical understanding of network protocols (HTTP/S, SMTP, FTP) and cloud application architectures (e.g., O365, Google Workspace, AWS, Azure).
  • Excellent analytical and problem-solving skills with the ability to investigate complex data security events.

Preferred technical and professional experience

Preferred Qualifications

  • Direct hands-on experience with one or more of the following:
    • DLP: Trellix (McAfee) DLP.
    • DAM: IBM Guardium.
  • Relevant certifications such as:
    • Vendor-specific certifications (e.g., IBM Guardium Administrator, Trellix DLP).
  • Experience with scripting languages (Python, PowerShell) for automation and integration will be an added advantage.
  • Familiarity with Data Security Posture Management (DSPM) concepts and tools.
  • Experience working in a regulated industry (Finance) will be an added advantage.