Position Overview: The Junior SOC Analyst – DLP is responsible for monitoring, triaging, and processing Data Loss Prevention alerts according to customer-provided procedures and playbooks. This role follows predefined investigative steps, documents all actions taken, and escalates incidents to senior analysts or customer contacts when they exceed defined thresholds. This position operates within a shift-based SOC environment and supports consistent incident handling practices.
Responsibilities:
Monitor DLP consoles, SIEM dashboards, and ITSM/ticketing systems for alerts and policy violations.
Perform initial triage of DLP alerts, validating details, classifying severity, and determining true vs. false positives using runbooks.
Execute customer-provided steps such as user outreach, data classification checks, and basic containment actions.
Document all actions, findings, and communications within incident tracking systems.
Escalate issues exceeding thresholds or deviating from standard procedure to senior SOC analysts or customer representatives.
Participate in shift handovers, clearly communicating in-progress incidents and priorities.
Attend ongoing training related to DLP policies, SOC processes, and customer-specific requirements.
Maintain understanding of sensitive data types and regulatory considerations (PII, PCI, PHI, intellectual property).
Tools and Technologies:
DLP platforms (endpoint, email, web, cloud)
SIEM monitoring tools
Ticketing/ITSM systems (ServiceNow, Jira, Remedy)
Standard productivity and Windows tools