Data Protection Analyst

Our MissionProvide security teams with breakthrough visibility and control over all high-value enterprise data, transforming how organizations protect their data from IP theft and insider threats.About the RoleThis is an ideal opportunity for a highly motivated individual to get in on the ground floor as we build out our Professional Services and Managed Services functions at Cyberhaven. The Data Protection Analyst holds a key position in providing continuous value for our customers and is responsible for advancing the mission of identifying potential insider threats and investigating endpoint forensic incidents. You will be responsible for performing technical analysis of data security incidents, finding and exposing risk in a customers environment as well as handling documentation and project management aspects of incident response. You will also perform analysis of events and incidents.What you’ll do: 

• Provide insight into DLP analytics and related issues.

• Analyze Cyberhaven’s Data Detection and Response (DDR) platform event data to improve policies and incidents/alerts and bring focus to areas where data loss risk may exist.

• Refine datasets and policies and manage them as customers’ data risk strategy matures and business needs evolve.

• Prepare and present summaries and reports to internal team members.

• Eliminate noise and false-positive information from analytic results to enhance detection accuracy.

• Conduct forensic analysis on people, groups, and non sanctioned egress destinations as requested.

Who you are:

• 1-3 years’ experience in working with a data protection product, or adjacent security tool experience (EDR, SIEM, SOAR). 

• Knowledge of endpoint protection best practices and security incident mitigation workflows.

• 2+ years’ experience with Insider Threat Programs and Information Security. 

• Excellent problem-solving and analytical abilities with creative and logical thinking. 

• Highly motivated, customer centric person, strong customer empathy and focus. 

• Ability to work as part of a global team,

• Excellent written and verbal communication skills. 

What you should have:

• Familiarity with technologies that are adjacent to Cyberhaven in which we integrate, (SIEM/SOAR) are desired.

• Knowledge of security controls for the handling of sensitive data types.

• Understanding of macOS, Linux and Windows environments.

• Experience with  DLP, Insider Threat and CASB solutions

• Familiarity with cloud apps and services (GCP, AWS, Azure)

• Knowledge of SQL for writing queries and performing data analysis. 

• Experience designing, developing and maintaining interactive dashboards and data visualizations.

• Knowledge in modifying and developing XML-based content rules to refine DLP datasets

• Knowledge with general scripting for automation and utilizing APIs.

• Excellent communication and interpersonal skills required, with a passion for cloud security and emerging technologies.

Cyberhaven is the AI-powered data security company revolutionizing how companies detect and stop the most critical insider threats to their most important data. We've raised over $140M from leading Silicon Valley investors like Khosla and Redpoint. Cyberhaven is also backed by founders, executives, and security leaders who have built transformational technologies at Crowdstrike, Nutanix, Palo Alto Networks, Meta, Google, Slack, and others.

Our company values are:

• Think Deeply and Use Sound Reasoning

• Step Up and Take Ownership

• Continuously Learn and Grow

• Obsess About Customers

• Enjoy the Journey

• Reach for Ambitious Goals

Cyberhaven is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.