Information Security Engineer, Data Loss Prevention
Who we are:
Shape a brighter financial future with us.
Together with our members, we’re changing the way people think about and interact with personal finance.
We’re a next-generation fintech company using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world.
The Information Security Engineer, Data Loss is responsible for developing, implementing, and maintaining the organization's DLP detections based on current and future strategy. . This includes identifying and mitigating risks to sensitive data, such as intellectual property, customer information, and financial data. The Information Security Engineer, Data Loss will develop and implement policies, procedures, and technologies to protect the organization's data, and will use DLP tools to monitor and prevent unauthorized access to and exfiltration of sensitive data.
What you’ll do:
As an Information Security Engineer, Data Loss you will be responsible for developing, implementing, and maintaining the organization's DLP strategy. This includes:
- Identifying and assessing risks to sensitive data, such as intellectual property, customer information, and financial data
- Developing and implementing policies, procedures, and technologies to protect the organization's data
- Using DLP tools to monitor and prevent unauthorized access to and exfiltration of sensitive data
- Investigating and responding to DLP incidents
- Educating and training employees on DLP best practices
What you’ll need:
- 3+ years of experience in a cybersecurity role, with a focus on DLP
- Experience with cloud-based DLP solutions such as Proofpoint, Zscaler, Palo Alto Networks, etc
- Experience building detections in SIEMs
- Experience building Automations in SOAR
- Experience with incident response and forensics
- Excellent analytical and problem-solving skills
- Ability to work independently and as part of a team
- Excellent written and verbal communication skills
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified in Information Security Management (CISM) or GIAC
Nice to have:
- Strong understanding of financial services regulations and guidance including GLBA, PCI, SOC1/SOC2, and SOX.
- Bachelor’s degree in Information Security, Information Systems, Information Technology, or a related field