The role is for an analyst to triage DLP alerts, and ensure that events aresent to the correct channel. This does not include Technology support to DLP
The work is based on taking data from multiple DLP platforms (technologies), analysing the data, and any corresponding information to understand the implications or impact of what the alerts are saying within the context of the situation.
Analyst will do initial triage and communicate with the relevant stakeholders
An alert may be deemed as a False Positive requiring no further action or may be an identified as incident and need to have further investigation and information collected to be passed on to the appropriate team.
Background in Triage/Monitoring is essential, preferably DLP triage
Previous work in corporate security environment is ideal
There will be a requirement to share knowledge, and contribute to the wider teams understanding, as apattern may arise that others may not be aware of. This may include making or reviewing suggestions for policy changes or creating new policies.
The role will require a person to be discreet and sensitive due to the nature of the work
Inquisitive as an alert in itself may only be part of a bigger picture of a more severe incident
Good time management, as there are likely to be a lot of incidents to work through in a logical manner
Approachable and able to empathise with the business stakeholders, however, being able to make suggestions on how to improve and address identified issues
Conducting a detailed analysis to establish validity of DataLoss events
Presenting findings of analysis in appropriate manner by means of reports, evidence summaries or briefings
Identifying new potential risks to Data security and malicious behaviours to derive improvement steps for DLP process
Provide support to the VGCS Investigations & Crisis Management Adviser in response to Data Loss incidents & the correlation of additional data where required
Experience in a compliance or regulatory environment
Core competencies, knowledge and experience:
Knowledge and experience:
Excellent communication skills as will be expected to produce ad-hoc reports and delivering them to teams within the wider business
Work in a methodical way.
Having a qualification or extensive work experience in one or more of the following: Computer Forensics, E-Discoveryor relevant work experience
• Experience of Symantec DLP v12.5or above
• A good understanding of the Vodafone business, or experience from another telecoms company
• It would be beneficialto have in depth knowledge of information security laws, and legal issues suchas: Regulation of Investigatory Powers Act 2000 (RIPA), Data Protection Act (DPA), Computer Misuse Act (1990), ISO 207001 or 27002
• Understand and have experience of the risks and containment for information security
• Understanding of data protection, financial data, customer data etc is also ideal
Must have technical / professional qualifications:
Excellent communication capabilities to provide Rapid and concise summaries of complex scenarios
Proven track of experience in the area of information technology, networks or telecommunications
Work experience in a large global enterprise.
Impact on the business:
Managing and defining the investigation response process for Group and Local market customers is also key aspect of this job; providing direct support to less mature markets while influencing the strategic direction of more mature markets to ensure that their cyber forensic investigative capabilities are conducted to an excellent legally defensible standard; minimising the risk to the organisation. The role holder should be able to communicate and influence with technical engineers, operational teams, or customers.
Leadership and teamwork:
Expected to manage and lead security incidents and technology projects, to highlight and clearly
Must be able to articulate Vodafone's Technology Security vision with regards to protection of all company critical assets across many different layers of management and stakeholders (internal and external). Should be able to work within a global environment and be sensitive to cultural considerations.