Job Title
Information Technology Security Engineer

Role description
This job is centered around the following practical tasks:

Security solutions management
- Administer and maintain DLP systems, with a focus on Code42 and Google Workspace DLP.
- Define, implement, and fine-tune DLP policies and rules to detect and prevent unauthorized data transfers, data exfiltration, and data leakage.
- Analyse DLP logs and alerts to triage, investigate, and respond to potential security incidents, including identifying false positives and tuning rules for accuracy.
- Create and maintain custom reports and dashboards to communicate DLP program effectiveness, metrics, and compliance posture.
- Centrally administer and maintain endpoint security safeguards (Symantec Endpoint Protection), including antimalware, EDR/XDR, local firewall and web traffic filtering proxy.
- Check endpoints for common security misconfigurations and compliance with industry security baselines (e.g. CIS).
- Participate in the approval of whitelisted applications and services.
- Answer user requests regarding service and application approvals, possible DLP exceptions, and other endpoint security controls.
- React to endpoint-related alerts and security incidents such as lost/stolen devices or ransomware infections.

Baseline Threat Intelligence & Incident Response
- Attack surface monitoring and potential risk spotting and checks.
- Monitor data breaches, leaks and threat indicators related to our users, customers, and registered suppliers via the threat intelligence tools in place.
- Contact the affected parties and assist them with issue resolution.
- Produce relevant metrics and reports on threats and their resolution.
- Collaborate with IT and the external SOC provider on incident-related matters.
- Produce relevant incident metrics and high-level reports.

Security and IT teams collaboration
- Process security tickets in Jira, including user/stakeholder communications.
- Collaborate with IT and the external SOC provider on processing relevant alerts, including in the SIEM.
- Contribute to security awareness user training.
- Participate in internal security audits, producing metrics and statistics for high-level reports.

General requirements
- Hybrid work environment.
- Where necessary, readiness to respond out of business hours, taking into account Grid Dynamics geography.
- Being able to take initiative in solving security problems.
- Self-discipline and consistency in taking care of routine tasks.
- Being collaborative with other security team members, as well as IT and various development/engineering teams, or any users of the affected systems.

Technical skills

Essential skills
- Knowledge and understanding of general information security concepts.
- Experience administering and supporting DLP solutions, including deployment, policy configuration, incident response, and system integration.
- Understanding of data classification and handling requirements, and how these intersect with DLP policies and business requirements.
- Centralised antimalware, EDR/XDR, local firewalling and web content filtering in enterprise environments with a mixed-OS endpoint milieu.
- Hands-on experience with threat intelligence, OSINT discovery, supply chain, and attack surface monitoring and alerting tools.
- Network/system reconnaissance and vulnerability scanning.
- macOS/Windows/Linux, TCP/IP foundations, AWS/GCP foundations, shell scripting.

Non-essential, nice-to-have skills/experience
- Interest in adapting AI/ML solutions to automate tasks.
- Experience with Code42 and Google Workspace DLP/Google Security Centre.
- Experience with Symantec Endpoint Protection (full suite).
- Experience with SOCRadar, DarkInvader, ASM, and various OSINT tools.
- Shell scripting for automating tasks (PowerShell, bash, ksh).
- Experience with SIEMs, in particular Elastic as SIEM.
- Experience in incident response, including computer forensics.
- Understanding of data protection principles and regulatory compliance (e.g., CCPA, GDPR).