EY TC-CS-Data Protection Privacy-DLP CASB-Senior 

India, Karnataka, Bengaluru 

18824805

Your key responsibilities

• CASB Implementation and Management:
• Deploy and configure CASB tools: Follow vendor guidelines and best practices for setting up and configuring your CASB solution.
• Implement cloud data protection strategies: Use data loss prevention (DLP), encryption, and access controls to protect sensitive data.
• Manage and configure CASB policies: Define policies for cloud app usage, data exfiltration, and user activity based on your security needs.
• Perform regular maintenance and upgrades: Keep your CASB system up-to-date with the latest security patches and features.

Incident Response and Threat Management:

• Monitor and analyze CASB alerts and threat indicators: Investigate potential data breaches, unauthorized access, and other security incidents.
• Investigate and respond to CASB-related incidents: Follow your organization's incident response plan to contain and mitigate threats.

Data Control and Optimization:

• Configure CASB DLP features: Define data classification rules and policies to identify and protect sensitive data.
• Maintain and optimize the CASB platform: Regularly review and adjust settings to ensure optimal performance and effectiveness.
• Guide clients through CASB incident response procedures: Train users on how to report suspicious activity and follow incident response protocols.
• Provide technical support and training: Assist clients with using the CASB platform effectively and troubleshooting any issues.

Trusted Advisor and Security Expertise:

• Act as a trusted advisor: Offer guidance on cloud security best practices and CASB utilization to clients.
• Fill security gaps: Provide temporary support and expertise to organizations lacking internal security capabilities.
• Locate and identify sensitive data: Utilize advanced techniques to discover and classify sensitive data across various cloud platforms.
• Develop and implement data classification policies: Define consistent data tagging practices and implement robust DLP controls.
• Analyze alerts and remediate data loss incidents: Collaborate with internal teams to investigate and address data loss incidents.

Skills and attributes for success

• Should be a good team player.
• Excellent verbal and written communication skill.
• Proficient Documentation and Power Point skills
• Good social, communication and technical writing skills
• Should interface with internal and external clients.
• Strong analytical/problem solving skills.
• Ability to prioritize tasks and work accurately under pressure in order to meet deadlines.
• Should understand and follow workplace policies and procedures.
• Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager.

To qualify for the role, you must have

• Bachelor's or master’s degree in Computer Science, Information Systems, Engineering or a related field.
• At least 4-6 years of experience in supporting Data Security Technology.
• At least 4 years of experience in two or more of the following:
  • Information Security concepts related to Governance, Risk & Compliance
  • MS CASB Technology support and Event Handling
  • Good to have knowledge on - Data Loss Prevention, Data Discovery, Data Classification
• Experience of Administration of MS CASB tools which includes configuring policies, upgrading and patching for leading vendors. MDCA(previously known as MCAS), Netskope, Digital Guardium, McAfee, Forcepoint, Symantec CloudSOC, etc.
• Technical/Vendor certification will be added advantage.
• Experience in utilizing and good knowledge of other data protection technology like Endpoint Security Suite, EDR, ATP will be added advantage.
• Maintain current data protection and privacy expertise, skills and competences.
• Ability to independently research and solve technical issues.
• Demonstrated integrity in a professional environment.
• Knowledge of core Information Security concepts related to Governance, Risk & Compliance.
• Ability to work in and adapt to a changing environment.
• Extend required support for any reported data protection and privacy incidents such as information breaches and leakages.
• Ability to communicate in a clear and concise manner.

Ideally, you’ll also have

• Professional certificate or be actively pursuing related professional certifications such as the CompTia Security+, MS CASB, CISSP or Vendor/Technical certification. If not, certified candidates are expected to complete one of the business required certifications within 12 months of hire.
• To expect some weekend work and 20%-30% travel based on job requirement.

What we look for

• A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.
• An opportunity to be a part of market-leading, multi-disciplinary team of 2000 + professionals, in the only integrated global transaction business worldwide.
• Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.