DataProtectionAnalyst

About the role This is an ideal opportunity for a highly motivated individual to get in on the ground floor as we build out our Professional Services and Managed Services functions at Cyberhaven. The Data Protection Analyst holds a key position in providing continuous value for our customers and is responsible for advancing the mission of identifying potential insider threats and investigating endpoint forensic incidents. You will be responsible for performing technical analysis of data security incidents, finding and exposing risk in a customers environment as well as handling documentation and project management aspects of incident response. You will also perform analysis of events and incidents. What you’ll do - Provide insight into DLP analytics and related issues. - Analyze Cyberhaven’s Data Detection and Response (DDR) platform event data to improve policies and incidents/alerts and bring focus to areas where data loss risk may exist. - Refine datasets and policies and manage them as customers’ data risk strategy matures and business needs evolve. - Prepare and present summaries and reports to internal team members. - Eliminate noise and false-positive information from analytic results to enhance detection accuracy. - Conduct forensic analysis on people, groups, and non sanctioned egress destinations as requested. Who you are - 2–5 years with data protection or adjacent security tools (EDR, SIEM, SOAR) and 2+ years in Insider Threat/InfoSec. - Strong grasp of endpoint protection best practices and incident mitigation workflows. - Experience with DLP, Insider Threat, CASB and controls for handling sensitive data. - Comfortable across macOS, Linux, Windows and cloud platforms (AWS, GCP, Azure). - Data & automation: SQL for analysis; build/maintain dashboards; edit XML-based DLP rules; script and use APIs. - Excellent problem-solving and communication skills; collaborative on a global team; customer-centric with a passion for cloud security and emerging tech. Joi