DescriptionJob overview and responsibilitiesThe Senior Analyst, Data Protection, is responsible for advancing enterprise data protection capabilities through effective design and implementation of controls that reduce data exposure risk. This role focuses on protecting sensitive data across core workflows, including collaboration platforms, endpoints, and emerging technologies such as AI. The position emphasizes measurable control effectiveness, improved data visibility, and alignment of detection and prevention capabilities. This role partners across Cybersecurity, Legal, HR, and Technology to ensure data protection strategies are practical, scalable, and aligned to business risk.
- Data Protection Control Design & Implementation:
- Design and deploy data protection controls across key platforms (M365, endpoints, cloud) to prevent unauthorized data exposure. Focus on effectiveness, usability, and alignment to business workflows.
- Data Visibility & Classification Enablement:
- Drive improvements in data classification coverage and visibility using automated and semantic approaches. Ensure sensitive data is accurately identified and protected at scale
- AI & Emerging Technology Data Controls:
- Define and implement controls to govern the use of AI and emerging technologies, ensuring protection of sensitive data in prompts, outputs, and integrations.
- Risk Assessment & Exposure Reduction:
- Assess data exposure risks across enterprise environments and prioritize remediation actions that reduce real-world risk, beyond traditional egress-only models.
- Detection & Prevention Alignment:
- Partner with Insider Threat and Cyber teams to ensure alignment between detection signals and preventative controls, improving overall effectiveness of risk mitigation.
- Governance & Cross-Functional Alignment:
- Partner with Legal, HR, and business teams to ensure controls align with policy, regulatory requirements, and operational needs.
QualificationsWhat's needed to succeed (Minimum Qualifications):- Bachelor's degree required (Cybersecurity, Information Technology, Computer Science related majors preferred)
- 3+ years in STEM-related field
- Strong understanding of data protection principles, such as data classification, data lifecycle, and data exposure risks
- Experience designing and implementing data protection controls (i.e., DLP, endpoint controls, cloud data protection)
- Ability to assess and reduce data exposure across modern environments (M365, endpoints, cloud collaboration platforms)
- Familiarity with data classification approaches, including automated or semantic-based methods
- Understanding of data movement patterns and exfiltration techniques across enterprise environments
- Ability to evaluate control effectiveness and identify gaps based on real-world usage and risk scenarios
- Experience working with cross-functional partners (Legal, HR, Technology) to align controls with business needs and policy requirements
- Strong analytical and problem-solving skills with ability to translate risk into practical, scalable controls
- Effective communication skills to clearly articulate risks, control gaps, and recommendations to both technical and non-technical stakeholders
- Must be legally authorized to work in the United States for any employer without sponsorship
- Successful completion of interview required to meet job qualification
- Reliable, punctual attendance is an essential function of the position
What will help you propel from the pack (Preferred Qualifications):- Master's degree
- Relevant certifications like CISSP, CISA, CIPP, CIPT, CISM
- Hands-on experience with DLP platforms, data classification tools, or data security posture solutions
- Familiarity with Microsoft Purview / M365 data protection capabilities
- Experience implementing or supporting controls related to AI / Generative AI usage (i.e., data exposure in prompts, output handling, usage governance)
- Knowledge of endpoint data protection and monitoring technologies
- Experience tracking or reporting on data protection KPIs (i.e., data visibility, classification coverage, protected data)
- Understanding of how data protection and insider threat detection align to reduce overall risk
Job Posting End Date: 7/27/2026
