Data Loss Prevention & Detection Specialist
Bucharest, Bucharest, RO
Posted 2 months ago
hybrid
Job Description
Key Responsibilities
- Architect/engineer Data Loss Prevention security solutions covering Broadcom DLP Endpoint and Discovery
- Provide advice, training and support on DLP Policy development
- Support the architecture, design, deployment and integration of DLP solution
- Create engineering solutions for back-end management server infrastructure and databases
- Develop and maintain detection rules and use cases across security monitoring platforms (SIEM, EDR, NDR, cloud security tools).
- Analyse emerging threats and translate them into actionable detection logic.
- Continuously improve detection coverage based on threat intelligence, incident trends, and vulnerability exposure.
- Monitor security alerts and identify suspicious activities that may indicate malicious behaviour.
- Investigate anomalous events and determine whether they represent real security threats.
- Work closely with SOC analysts and incident responders to ensure detections support effective investigations.
- Reduce false positives by tuning detection rules and correlation logic
- Apply system, user and application changes as needed
- Track and troubleshoot user issues, tasks and incidents
- Create, review, maintain and update documentation, including documenting and publishing fixes in the central knowledge base
- Work with global teams to provide consistent processes and solutions
Tools & Technologies
- Security Information and Event Management (SIEM)
  - Microsoft Sentinel
  - Splunk Enterprise Security
- Endpoint Detection and Response (EDR/XDR)
  - Microsoft Defender XDR
  - CrowdStrike Falcon
- Network and Infrastructure Detection
  - Network Detection and Response (NDR) platforms
  - Intrusion Detection / Intrusion Prevention Systems (IDS/IPS)
  - Firewall, proxy, VPN, and network telemetry solutions
- Cloud and Identity Security Monitoring
  - Microsoft Entra / Azure AD logs
  - Microsoft 365 security telemetry
- Threat Intelligence and Detection Engineering
  - Threat intelligence platforms and indicator feeds
  - MITRE ATT&CK mapping and detection use case libraries
  - IOC/IOA-based detection content
Experience and skills required
- Bachelor’s degree in information technology, Computer Science or a related discipline
- 5+ years of experience in data leakage analysis or data loss prevention for an enterprise network, cybersecurity monitoring, detection engineering, or SOC operations.
- Strong background in architecting, engineering and automating security solutions for a global environment, with a focus on data leakage solutions
- Log analysis and event correlation
- Detection rule development
- Advanced knowledge of security monitoring tools (SIEM, EDR/XDR, NDR)
- Good scripting knowledge (Python, PowerShell, or similar)
- Knowledge of common attack techniques and tactics
- Understanding of network protocols and system behaviour
- Knowledge of Symantec, Broadcom and O365
- Understanding of SIEM integrations
- General knowledge of infrastructure (LDAP, Group Policy, Kerberos, Active Directory, etc.) and networking (routing, firewalls, OSI Model, packet trace and analysis, etc.)