Cybersecurity Risk Analyst (Data Loss Prevention / Data Risk)
Job ID
56242
Posted
23-Jun-2022
Service line
Corporate Segment
Role type
Full-time
Areas of Interest
Digital & Technology/Information Technology
Location(s)
Singapore - Singapore
This position is within the Governance, Risk & Compliance (GRC) function of CBRE’s Global Cyber Security Office (GCSO) and is responsible for the monitoring and/or maintenance of the enterprise Data Loss Prevention (DLP) solution. The main duties of the person in this role will include monitoring and responding to alerts that generate from the tool. This role will require day-to-day coordination and collaboration with a wide array of cybersecurity teams to enable DLP operations and response.

Roles and Responsibilities:
  • Serves as a subject matter resource within the D&T organization for data loss prevention (DLP) monitoring and controls
  • Reviews DLP alerts daily and action steps
  • Acts as a liaison DLP managed services team and D&T GRC DLP team
  • As directed, performs data scanning and discovery, prepares findings of results, coordinates remediation of control needs for data protection based on data classification found
  • Coordinates D&T resources and facilitates the meeting to ensure that tasks performed by D&T personnel meet remediation data protection control requirement
  • Prepares executive status report for distribution to D&T leadership
  • Performs periodic testing of key data protection controls as required by regulation, policy, or standards
  • Monitor and respond to alerts generated from the Data Loss Prevention (DLP) systems and other technologies
  • Work with cybersecurity partners and lines of business to remediate events
  • Collect DLP related metrics
  • Understand and follow the incident response process through event escalations
  • Make recommendations for enhancements to detection policies

Qualifications and Education Requirements:
  • Bachelor's degree in technology, cybersecurity or related field and 2 years of DLP support experience, or
  • 4 years of cybersecurity risk management or data risk governance combined experience working on data loss prevention, and/or data risk governance related responsibilities
  • 1 year of experience using SQL for analysing and reporting on data
  • Technical Experience DLP solutions, such as, Symantec DLP, Varonis, Proofpoint
  • Experience drafting DLP policy, procedures, and technical documentation
  • Experience working with Cloud Access Security Broker (CASB) solutions
  • Excellent communication and analysis skills with a focus on detail and execution
  • Ability to work with global teams and solve complex problems that arise during the process and communicate effectively with stakeholders, IT staff and management

Preferred Skills:
  • Experience with using Symantec Discovery scanning tools or equivalent
  • Experience with global data protection laws and regulations including GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Protection Act), China’s Personal Information Protection Law a plus
  • Experience working with IBM QRadar
  • Cybersecurity Certification(s) – CISSP, CRISC, GCIA, CDPSE, GMON, CEH, GDSA

If working with the best in an exciting and rewarding team environment appeals to you then we want to hear from you. Please attach your CV to your application.