Job Title

Role description This job is centered around the following practical tasks: Security solutions management Administer and maintain DLP systems, with a focus on Code42 and Google Workspace DLP. define, implement, and fine-tune DLP policies and rules to detect and prevent unauthorized data transfers, data exfiltration, and data leakage. Analyse DLP logs and alerts to triage, investigate, and respond to potential security incidents, including identifying false positives and tuning rules for accuracy. create and maintain custom reports and dashboards to communicate DLP program effectiveness, metrics, and compliance posture Centrally administer and maintain endpoint security safeguards (Symantec Endpoint Protection) including antimalware, EDR/XDR, local firewall and web traffic filtering proxy check endpoints for common security misconfigurations and compliance to industry security baselines (e.g. CIS) participate in approval of whitelisted applications and services answer users requests regarding services and applications approvals, possible DLP exceptions, other endpoint security controls React to endpoint-related alerts and security incidents such as lost/stolen devices or ransomware infections Baseline Threat Intelligence & Incident Response Attack surface monitoring and potential risk spotting and checks Monitor data breaches, leaks and threat indicators related to our users, customers, and registered suppliers via threat intelligence tools in place Contact the affected parties and assist them with issue resolution Produce relevant metrics and reports on threats and their resolution Collaborate with IT and external SOC provider on incident-related matters Producing relevant incident metrics and high level reportsSecurity and IT teams collaborationProcessing security tickets in Jira, user/stakeholder communications Collaborating with IT and external SOC provider on relevant alerts processing including in the SIEM Contributing to security awareness user training Participating in internal security audits, producing metrics and statistics for high level reports General requirements Hybrid work environment Where necessary, readiness to respond out of business hours taking into account Grid Dynamics geography Being able to take initiative in solving security problems Self-discipline and consistency in taking care of routine tasks Being collaborative with other security team members, as well as IT and various development/engineering teams, or any users of the affected systemsTechnical skillsEssential skillsKnowledge and understanding of general information security concepts Experience administering and supporting DLP solutions, including deployment, policy configuration, incident response, and system integration. Understanding of data classification and handling requirements, and how these intersect with DLP policies and business requirements. Centralised antimalware, EDR/XDR, local firewalling and web content filtering in enterprise environments with mixed OS endpoint milieu Hands-on experience with threat intelligence, OSINT discovery, supply chain, and attack surface monitoring and alerting tools Network/system reconnaissance and vulnerability scanning MacOS/Windows/Linux, TCP/IP foundations, AWS/GCP foundations, shell scripting Non-essential, nice-to-have skills/experience Interest in adapting AI/ML solutions to automate tasks Experience with Code42 and Google Workspace DLP/Google Security Centre Experience with Symantec Endpoint Protection (full suit) Experience with SOCRadar, DarkInvader, ASM, various OSINT tools Shell scripting for automating tasks (powershell, bash, ksh) Experience with SIEMs, in particular Elastic as SIEM Experience in incident response including computer forensics Understanding data protection principles and regulatory compliance (e.g., CCPA, GDPR).