Job Description :
work authorization - any
location - Atlanta , GA
Data Loss Prevention (DLP) Analysts
Works with Business Unit Security Officers to review DLP events: Investigate user behavior to determine if activity is abnormal or part of existing practice using multiple tools (previous DLP events, Splunk etc. Escalate appropriate events; escalate egregious or malicious behavior to CIRT for further investigation/remediation. Collection of metrics; break down behavioral trends by department, policy, etc. and report metrics. Investigate ways to improve event detection; find methods to circumvent current detection rules and suggest changes accordingly. Preferred experience in : Symantec DLP, Splunk, Python, IDS/IPS, Network Experience