Data Loss Prevention Engineer
Posted on Feb 20, 2021 by Harvey Nash IT Recruitment Switzerland
For our client in Zurich we are searching for Data Loss Prevention Engineer for 12 months project
Job Title: Cyber Security Engineer - Data Loss Prevention Engineer
Starting form: 01/03/2021
Overview of business area or project:
The Enterprise Security Services (ESS) organisation has global responsibility for the design, delivery and operational support for business critical security services within the company. ESS is responsible for the key strategy, design and delivery of products and services including Data Leakage Prevention (DLP), Information Right Management, Public Key Infrastructure (PKI), Token Management, Internet Web authentication and entry security, application security testing and cloud security services.
The security specialist works across the above product and service areas, supporting the banks key strategic security programs. The role involves working with architects, engineers, business analyst and service designers with main focus on the creation of high and detailed level designs, product certification and integration into the bank's core platforms and eco-systems.
The focus for DLP is to enhance and standardize boundary protection by deploying the latest boundary scanning capability. This is augmented by industry leading data immunization user guidance controls to secure and control access to the Bank's most critical information assets.
Responsibilities include, but are not limited to, the following:
- Develop policies to monitor protected data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage) with response rules to prevent leakage of protected data.
- Develop workflow for incident and alert generation for protected data policy infringement (Archer RSA).
- Communicate with internal and external resources to ensure all polices meet compliance and security requirements for the customer.
- Troubleshoot issues that may arise from an incomplete scans, scan related performance issues, agent related performance issues, email and network traffic related performance issues and manage problems until closure.
- Perform system maintenance and maintain current documentation.
- Continuous configuration and tuning of DLP systems, policies and response rules.
- Ensure that Service Level Agreements (SLAs) are met.
- Perform technical configuration reviews.
- Provide assessment/audit support during internal or external audits including
- Enterprise Level Infrastructure Environment
- Implementations according to best industry practices and according to strict procedures.
- Strict financial industry compliance requirements
Essentials Skills and Qualifications:
- Graduate degree in Information Technology, Computer Science or related subject; alternatively an equivalent education in one of these topics.
- Proven track record of min. 5 years of work experience in IT and 2 years in a similar role (engineering/integration).
- Overall knowledge on security concepts (data security & application security).
- Good and strong knowledge in infrastructure components (DHCP, DNS, AD, virtualization).
- Experience with Symantec DLP, zScaler DLP, McAfee DLP, Microsoft AIP, RSA Archer.
- Understanding of mail transfer (Exchange, Office365, SendMail) and network technologies (Proxy, Firewall, VPN, etc.)
- Understanding of Open Systems Interconnection model (OSI model)
- Ability to coordinate and independently drive activities to an end.
- Experience in Information Rights Management, encryption technologies and methods is a plus;
- Fluent written and spoken English
Desired Skills and Qualifications:
- Working Experience with Windows and Linux on a System Administrator level (incl. Scripting)
- Experience with software packaging and versioning systems (eg. Odyssey)
- Ability in finding long-term IT solutions even if you are under pressure due to an IT incident
- Working knowledge & experience Data Loss Prevention/Information Rights Management (IRM) solutions
- Experience in financial industry will be an additional asset
- Any of industry recognized engineering and security certifications will be an advantage: CISSP, CISA, ISO27001, MCSE, RHCE, CCNE, CCSE
- Experience in Azure cloud based technologies is a plus.
- Experience in Information Rights Management,encryption technologies and methods is a plus;
Candidate Value Proposition:
- Have the opportunity to learn state of the art security engineering;
- Contribute during development, design and presentation of solution to senior management, in close collaboration with the IT security architects.
- Have the opportunity to grow your understanding of the Bank by working on a wide range of different security technologies across the Bank
- Assist in a variety of bank-wide initiatives and special projects
- Benefit from significant investments in your knowledge and skills sets.