Senior Associate, Cybersecurity Analyst, Information Security Services, Group

Business Function

Group Technology enables and empowers the bank with an efficient, nimble, and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group Technology, we manage most of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

We are seeking a dedicated and analytical professional to join the Data Protection Program within Information Security Services.

Responsibilities

1. Review and analyze data loss alerts, identifying potential data exfiltration attempts and policy violations.
2. Identify patterns and trends in data security incidents, recommending policy adjustments or enhancements.
3. Identify opportunities for process automation and standardization to reduce manual effort and minimize errors.
4. Collaborate with stakeholders to develop and refine Data Loss Prevention (DLP) detection use cases.
5. Work with business and IT teams to identify applications for onboarding into Unusual Employee Behaviour (UEB) monitoring.
6. Coordinate the onboarding of application logs, ensuring seamless integration with DLP and UEB platforms.
7. Establish and maintain guidelines and processes for the onboarding of new applications.
8. Provide advisory support and oversight for the DLP and UEB program, ensuring effective management of internal data loss risks.
9. Analyze and report key data loss metrics, demonstrating program effectiveness and identifying areas for improvement.
10. Participate in AI/ML Working Groups, sharing governance requirements with the team.
11. Ensure the Data Protection program remains aligned with industry standards and regulatory requirements, continuously updating controls to mitigate emerging risks.

Requirements

1. Min 3 years’ experience in DLP, IT Security, Cybersecurity, or Risk Management.
2. Hands-on experience with DLP tools (e.g., Symantec, Microsoft Purview, Forcepoint, McAfee).
3. Strong understanding of DLP policies, insider threat detection, and data security best practices.
4. Ability to work collaboratively with Support and Business Units to drive security initiatives.
5. Experience in User Behavior Analytics (UBA) is a plus.
6. Strong analytical and problem-solving skills to investigate and mitigate data loss incidents.
7. Self-directed and independent contributor.