Information Security Analyst (Data Loss Prevention Analyst)

As a DLP Analyst at NiCE, your role will involve strengthening NiCE's data protection posture by monitoring, analyzing, and responding to data loss prevention alerts primarily through Microsoft Purview. You will play a crucial role in reviewing violations, advising IT on configuration improvements, and collaborating with business teams to address root causes of risky data handling. **Key Responsibilities:** - **Monitor & Analyze:** Review DLP alerts and violations in Microsoft Purview to identify trends, false positives, and potential data leakage risks - **Technical Feedback:** Recommend threshold adjustments, rule refinements, and configuration changes to IT owners to improve detection accuracy and reduce alert fatigue - **Business Engagement:** Liaise with business stakeholders to understand legitimate business needs driving DLP triggers (e.g., attempts to send sensitive data externally) - **Education & Awareness:** Provide feedback to business units on secure data handling practices, raising awareness of policy and compliance obligations - **Incident Response Support:** Escalate high-risk incidents to the Security Operations team and contribute to investigations as needed - **Continuous Improvement:** Track and report on DLP effectiveness, emerging trends, and propose enhancements to policies, workflows, and training **Qualifications Required:** - Experience with Microsoft Purview or other enterprise DLP solutions - Strong analytical skills with the ability to distinguish between false positives and genuine data risks - Understanding of data classification, data protection regulations (GDPR, NIS2, ISO 27001), and secure information handling - Ability to engage both technical teams (IT, infrastructure) and business stakeholders (non-technical staff) effectively - Excellent communication, presentation, and interpersonal skills - A high level of integrity, professionalism, and confidentiality - A proactive, collaborative, and problem-solving attitude **Certification Requirements:** - Familiarity with other Microsoft 365 security and compliance tools (Defender, Sentinel) - Knowledge of data governance and privacy frameworks - Relevant certifications (e.g., Microsoft Certified: Information Protection Administrator, ISO 27001, CISM, CIPP/E) - Prior experience in a security operations, risk, or compliance team At NiCE, you will have the opportunity to work in a fast-paced, collaborative, and creative environment with endless internal career growth opportunities. Join an ever-growing global company where innovation and excellence are at the core of everything we do. Enjoy the NiCE-FLEX hybrid model that offers maximum flexibility - 2 days working from the office and 3 days of remote work each week. Benefit from face-to-face meetings on office days that foster teamwork, collaborative thinking, innovation, and a vibrant atmosphere. Requisition ID: 8662 Reporting into: Director Role Type: Individual Contributor About NiCE: NICELtd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations. NiCE excels in AI, cloud, and digital domains and is recognized as a market leader with over 8,500 employees across 30+ countries.,