Bloomberg

Security Analyst

Bloomberg$75K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3 years of experience in enterprise cybersecurity operations including threat monitoring and incident response.
  • Hands-on experience with data protection technologies like DLP and insider risk management tools.
  • Proficient in reviewing and triaging security alerts related to data security.
  • Collaborative experience with both technical and non-technical teams to resolve security issues.
  • Bachelor's degree in cybersecurity, IT, computer science, or related field; equivalent experience may suffice.
  • Foundational security certification required, such as CompTIA Security+ or GIAC Security Essentials (GSEC).
  • Preferred certifications include Microsoft SC100, SC200, CEH, or Associate level CISSP.

Responsibilities

  • Monitor and administer Data Loss Prevention (DLP) policies and controls.
  • Investigate incidents of potential data loss and unauthorized access.
  • Support initiatives related to AI-driven data security posture management.
  • Review movement and sharing of sensitive information among stakeholders.
  • Participate in and assist with data governance initiatives.
  • Review and triage security alerts from various platforms.
  • Conduct vendor security assessments and identify risks.

Benefits

  • Hybrid work schedule (3 days in office, 2 days remote).
  • Opportunity to work with cutting-edge AI and cybersecurity technologies.
  • Participation in a strong data governance program.
  • Engagement with diverse teams across technical and business units.
  • Professional development through preferred security certifications and training.
Full Job Description
Description:

The client is looking for (2) Security Analysts - Intermediate

Position Details:
This position supports the client's cybersecurity and data protection operations, with a focus on DLP, Insider Risk Management, Copilot/AI data security, auditing, vendor security reviews, and device patching. The analyst will review and triage security alerts, investigate access and movement of sensitive information, perform system and vendor audits, document findings, assist with incident escalation, and work with technical and business teams to strengthen the client's overall security and data governance posture.

Must Have/Required Skills
The candidate must have 3 years experience supporting enterprise cybersecurity operations, including threat monitoring, incident response, and risk analysis. The candidate must have 3 years hands-on experience working with data protection technologies such as data loss prevention (DLP), insider risk management tools, and data security posture management for AI (DSPM for AI). The candidate must have 3 years experience reviewing and triaging data related security alerts, analyzing access and movement of sensitive information, documenting findings, and escalating incidents according to established procedures. The candidate must also have 3 years of collaborating with technical and nontechnical teams to resolve security issues and supporting continuous improvement in the client's data security posture.
Preferred/Nice to Have Skills
Experience working with AI driven security tools, Cortex, particularly DSPM platforms designed to manage sensitive data used by AI systems, is preferred. Experience finetuning DLP policies, refining insider risk alerts, or supporting data governance programs is beneficial. Familiarity with Azure security, identity-based access controls, conditional access, and security automation or scripting is also preferred.

Required Education and/or Certifications
A bachelor's degree in cybersecurity, information technology, computer science, or a related field is required; equivalent experience may be considered. A foundational security certification such as CompTIA Security+ or GIAC Security Essentials (GSEC) is required. Preferred certifications include Microsoft SC100, SC200, CEH, or an Associate level CISSP.
Security Analyst Position Summary/Job Purpose:
The purpose of this position is to support the client's cybersecurity and data protection program by helping protect sensitive information, monitor security risks, and strengthen controls around AI, Copilot, DLP, Insider Risk, auditing, and vendor security

Key Responsibilities/Job Functions:
Data Protection & Data Governance
Monitor and administer Data Loss Prevention (DLP) policies and controls.
Investigate potential data loss, data exposure, and unauthorized access incidents.
Support Data Security Posture Management (DSPM) initiatives related to AI and Copilot.
Review the movement, storage, and sharing of sensitive information.
Assist in implementation of data classification and data handling requirements.
Participate in data governance initiatives and support data owners and stewards.

Security Monitoring & Incident Response
Review and triage security alerts from DLP, Insider Risk Management, DSPM, and other security platforms.
Investigate suspicious activity involving sensitive information.
Document findings and maintain investigation records.
Escalate incidents according to client incident response procedures.
Assist with containment, recovery, and post-incident activities.

Insider Risk Management
Monitor Insider Risk Management alerts and cases.
Analyze user activity associated with potential policy violations.
Conduct investigations while maintaining confidentiality and proper chain of evidence.
Recommend corrective actions and risk mitigation strategies.

Vendor Security Management
Participate in third-party and vendor security assessments.
Review vendor security documentation, audit reports, and questionnaires.
Identify cybersecurity risks associated with third-party services.
Assist in tracking remediation efforts and risk acceptance decisions.

Security Auditing & Compliance
Support cybersecurity audits and compliance reviews.
Collect and analyze evidence for regulatory and policy requirements.
Assist with risk assessments and control validation activities.
Maintain documentation supporting compliance efforts.

Collaboration & Reporting
Work with technical and non-technical staff to address security concerns.
Prepare reports, metrics, and presentations regarding security risks and trends.
Participate in cybersecurity awareness and training initiatives.
Recommend improvements to security policies, procedures, and controls.

Notes:
Hybrid (3 days in office, 2 days remote).

About Bloomberg

Bloomberg L.P. is a privately held financial, software, data, and media company headquartered in Midtown Manhattan, New York City. It was founded by Michael Bloomberg in 1981, with the help of Thomas Secunda, Duncan MacMillan, Charles Zegar, and a 12% ownership investment by Merrill Lynch. Bloomberg L.P. provides financial software tools and enterprise applications such as analytics and equity trading platform, data services, and news to financial companies and organizations through the Bloomberg Terminal (via its Bloomberg Professional Service), its core revenue-generating product. Bloomberg L.P. also includes a wire service (Bloomberg News), a global television network (Bloomberg Television), digital websites, a radio station (WBBR), subscription-only newsletters, and three magazines: Bloomberg Businessweek, Bloomberg Markets, and Bloomberg Pursuits.
Learn more about Bloomberg
Size
20,000 employees
Industry
Founded
1981

Similar Jobs

More Jobs at Bloomberg

More Information Technology Jobs

Find similar Security Analyst jobs: