Key Responsibilities

• Architect and engineer Data Loss Prevention security solutions, covering Broadcom DLP Endpoint and Discovery. 
• Provide advice, training and support on DLP policy development. 
• Support the architecture, design, deployment and integration of DLP solutions. 
• Create engineering solutions for back-end management server infrastructure and databases. 
• Develop and maintain detection rules and use cases across security monitoring platforms, such as SIEM, EDR, NDR and cloud security tools. 
• Analyze emerging threats and translate them into actionable detection logic. 
• Continuously improve detection coverage based on threat intelligence, incident trends and vulnerability exposure. 
• Monitor security alerts and identify suspicious activities that may indicate malicious behavior. 
• Investigate anomalous events and determine whether they represent real security threats. 
• Work closely with SOC analysts and incident responders to ensure detections support effective investigations. 
• Reduce false positives by tuning detection rules and correlation logic. 
• Apply system, user and application changes as needed. 
• Track and troubleshoot user issues, tasks and incidents. 
• Create, review, maintain and update documentation, including documenting and publishing fixes in the central knowledge base. 
• Work with global teams to provide consistent processes and solutions. 

Tools & Technologies

Security Information and Event Management — SIEM

• Microsoft Sentinel 
• Splunk Enterprise Security 

Endpoint Detection and Response — EDR/XDR

• Microsoft Defender XDR 
• CrowdStrike Falcon 

Network and Infrastructure Detection

• Network Detection and Response — NDR platforms 
• Intrusion Detection / Intrusion Prevention Systems — IDS/IPS 
• Firewall, proxy, VPN and network telemetry solutions 

Cloud and Identity Security Monitoring

• Microsoft Entra / Azure AD logs 
• Microsoft 365 security telemetry 

Threat Intelligence and Detection Engineering

• Threat intelligence platforms and indicator feeds 
• MITRE ATT&CK mapping and detection use case libraries 
• IOC/IOA-based detection content 

Experience and Skills Required

• Bachelor’s degree in Information Technology, Computer Science or a related discipline. 
• 5+ years of experience in data leakage analysis or data loss prevention for an enterprise network, cybersecurity monitoring, detection engineering or SOC operations. 
• Strong background in architecting, engineering and automating security solutions for a global environment, with a focus on Data Leakage / Data Loss Prevention solutions. 
• Experience with log analysis and event correlation. 
• Experience in detection rule development. 
• Advanced knowledge of security monitoring tools, such as SIEM, EDR/XDR and NDR. 
• Good scripting knowledge, such as Python, PowerShell or similar. 
• Knowledge of common attack techniques and tactics. 
• Understanding of network protocols and system behavior. 
• Knowledge of Symantec, Broadcom and O365. 
• Understanding of SIEM integrations. 
• General knowledge of infrastructure, such as LDAP, Group Policy, Kerberos and Active Directory. 
• General networking knowledge, such as routing, firewalls, OSI model, packet tracing and analysis.