Data Loss Prevention Sr. Manager - Hybrid

The Data Loss Prevention (DLP) Senior Manager will be responsible for leading a dedicated DLP Technical team which will focus on new Cyber Security Technology along with the mindset of creating an "Insider Threat Program".

The DLP Manager will need to ensure monitoring and responding to data loss/ insider threats that effect the Cigna environment.

Additionally, the DLP Manager will need to be engaged/ aware of the latest OpenAI Technology the Cyber Security force has to offer.

Responsibilities:

-Create and maintain policies within Data Loss tool to prevent risk to company

- Ability to review, manage and escalate Data Loss incidents to Senior Management for awareness and resolution.

- Managing the triage analysis and verification of information security threats.

- Knowledge of various tools and techniques for analysis and identification of the nature of threats.

- Perform security analysis of network traffic data and report on threats for handoff and additional analysis.

- Threat containment through use of threat management tools and infrastructure security controls.

- Support projects to assist in deployment, tuning and configuration of new technology.

- Analyze and review cases until closure which includes investigating and recommending appropriate corrective actions for cyber security incidents and communicating with the implementation staff responsible or taking corrective actions.

- Provide supporting evidence and tactical response resulting from technical analysis and direction of forensic investigations.

- Monitoring and providing some direction for administration of corporate perimeter security systems like firewalls, IDPS and SIEM.

- Provide recommendations of security improvements by assessing current situation, evaluating trends, and anticipating requirements.

- Support 24x7 on call for escalated security incidents on a rotational basis.

- Identify critical security issues and provide recommendations of risk-reduction solutions.

Technical Skills:

- Strong understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.

- Experience with log analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior

- Strong knowledge of Linux and Microsoft Windows Server or other operating systems.

-Strong understanding of Cloud Security (CASB)

- Knowledge of, and experience with, TCP/IP protocol and an understanding of packet analysis tools such as tcpdump.

- Working knowledge of common cyber security incident types such as denial of service attacks, malicious software infections, active intrusion techniques, and misappropriate use scenarios.

- Experience utilizing a broad array of security tools including Security Information and Event Management (SIEM) system, intrusion detection syst...