The Data Loss Prevention (DLP) Administrator within the Cyber Security and Risk Management (CSRM) team is responsible for managing and monitoring enterprise Cloud, Endpoint, and Network DLP solutions. This role entails maintaining DLP environments, promptly responding to alerts, and ensuring their scalability and reliability. Collaboration with Security Operations Analysts, Engineers, Architects, Security Managers, and internal stakeholders is crucial. Key responsibilities include advising on data security best practices, configuring and maintaining DLP/CASB solutions, and aligning these with CNB's IT and business goals to enhance data security strategies. The DLP Administrator builds strong relationships across all organizational levels and interfaces professionally with internal and external parties, including federal and state agencies.

Critical to the role is the exercise of discretion, independent judgment, and the ability to make decisions on significant matters. This includes applying systems analysis techniques, consulting with users to define specifications, designing, developing, documenting, and testing computer systems and programs, and potentially modifying machine operating systems. These tasks collectively require advanced technical skills and strategic alignment with organizational objectives.

This position demands a proactive approach in ensuring top-tier client experiences, prioritizing security, and maintaining operational efficiency within dynamic IT environments.

Principal Duties & Responsibilities:

• Resolve issues with CNB's DLP technology internally and with vendors (troubleshooting, upgrades, etc.).
• Administer enterprise DLP tools, including configuring policies, rules, and alerts.
• Monitor and triage alerts from DLP systems and other technologies.
• Make decisions regarding incident response through event escalations.
• Analyze and escalate DLP incidents to the Cyber Security Incident Response Team (CSIRT).
• Maintain and oversee data security controls to protect company and client confidentiality.
• Collaborate with CSRM team members to ensure security tools are appropriately configured for logs, reporting, alerts, and other relevant data.
• Provide subject matter expertise and research compensating controls to meet business objectives.
• Design and implement security solutions that enforce DLP data security best practices.
• Engage in enterprise and security project-related tasks as needed.
• Identify, prioritize, and implement security-related requirements, enabling project teams to deliver secure IT solutions through effective risk management and threat modeling.
• Resolve technical problems by developing access management solutions and procedures that mitigate risk and meet business requirements.
• Implement process improvements to address deficiencies.
• Oversee the design, implementation, maintenance, and troubleshooting of the organizations Cloud, Endpoint, and Network DLP platforms.
• Manage integration, policy development, and incident handling for DLP platforms.
• Communicate and engage with CNB Technical Services when IT resources are required for problem investigation.
• Identify and act on opportunities to optimize processes, avoid costs, and reduce expenses.
• Provide exceptional customer support across all supported services.
• Support regular reporting of key performance and risk indicators related to Cyber Security and IT Risk Management.
• Coordinate delivery of cyber security governance, metrics collection, and global reporting capabilities.
• Define budget for software and hardware maintenance and upgrades and communicate with appropriate teams.
• Create, plan, and execute data security training.
• Stay updated on industry changes in data security strategies, best practices, and technologies.
• Provide work effort estimates based on business requirements.
• Support other investigative teams on time-sensitive, critical investigations.
• Review and maintain process/procedure documentation.
• Prepare and support data security-related presentations.
• Interface professionally with internal and external contacts, including examiners, assessors, auditors, service providers, vendors, employees, and internal departments.
• Utilize systems analysis techniques and consult with users to determine hardware, software, or system functional specifications.
• Design, develop, document, analyze, create, test, or modify computer systems or programs based on and related to user or system design specifications.
• Design, document, test, create, or modify computer programs related to machine operating systems.
• Apply a combination of the aforementioned duties, which require a high level of skills in systems analysis and computer system development.

• 2-4 years of experience in Security Operations/Engineering function required.
• 2-4 years of experience in Data Loss Prevention (DLP) Technology support and Event Handling function required.
• Familiarity with administering policies, rules, and alerts in cybersecurity solutions.
• Proficiency in incident handling procedures, including triaging and escalating security incidents.
• Knowledge of common regulatory requirements and laws, such as:
  • Federal Financial Institutions Examination Council (FFIEC)
  • Sarbanes-Oxley Act (SOX)
  • California Consumer Privacy Act (CCPA)
  • Gramm-Leach-Bliley Act (GLBA)
• Demonstrated high degree of integrity, trustworthiness, and confidence with the ability to represent the company and its management team professionally.
• Ability to work independently, multitask effectively, and take ownership of various aspects of projects or initiatives.
• Capability to perform effectively under pressure, managing tight deadlines, and adapting to unexpected changes in expectations or requirements.
• Strong oral and written communication skills, enabling clear and effective interaction with stakeholders.

• Bachelors degree in information technology, Computer Science, or related field required.

• Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
• Please view Equal Employment Opportunity Posters provided by OFCCPhere.
• The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
• Reasonable accommodation may be made to assist individuals with disabilities to complete the online application process. Please contact our Human Resources Department at 305-577-7680 or by e-mail at employment@citynational.com.