Job Description
The Digital Insider Risk (DInR) Department protects The Jones Financial Companies and its subsidiaries (collectively, "the Firm") against risk stemming from user digital activity. The Digital Insider Risk and Data Loss Prevention (DLP) Analyst will be responsible for monitoring, analyzing, investigating, and reporting on User Behavior Analytics and Data Loss Prevention alerts across various tools, ensuring the protection of client and Firm data. You will work closely with security analysts, engineers, and other IT professionals to enhance our security posture through the development and refinement of detection and enforcement rules.
In addition, this role will support the Firm’s emerging use of Artificial Intelligence and machine learning technologies by providing AI observability and risk oversight. This includes monitoring user interactions with AI systems, identifying potential misuse or data exposure, and partnering with engineering and risk teams to ensure AI systems operate securely, responsibly, and in alignment with Firm policies.
What You'll Do:
- Monitor and investigate user activity involving AI-enabled tools (e.g., generative AI platforms, AI copilots, internal ML systems) to identify potential data leakage, policy violations, or misuse.
- Develop and maintain AI observability use cases to increase visibility into how AI systems are accessed, used, and abused across the Firm.
- Assess AI telemetry, logs, and metadata to understand data flows, user behavior patterns, and abnormal or risky AI usage.
- Partner with engineering and platform teams to define logging, monitoring, and alerting requirements for AI systems.
- Support AI governance initiatives by mapping observed AI usage to Firm policies, data classification standards, and insider risk indicators.
- Monitor, triage, investigate, and escalate UEBA and DLP alerts from multiple systems (e.g., Gurucul, XSOAR, Microsoft Purview, Proofpoint, Zscaler).
- Lead high-priority incident response activities related to insider risk and critical data exfiltration events.
- Perform initial analysis of data from a variety of sources (including but not limited to host, network, cloud, messaging, and application), correlating it to meaningful DLP and Insider Risk events.
- Support confidential and complex digital investigations.
- Generate informed reporting around security events and metrics.
- Document investigations in adherence to all audit and legal requirements.
- Support the development of documentation for response processes and/or procedures.
- Analyze incidents for patterns of data misuse or exfiltration across email, endpoints, cloud, and web.
- Provide mentorship and guidance to junior analysts, fostering a culture of continuous learning and professional development.
