Data Loss Prevention-IT Security Analyst
Stanley Black & Decker - Towson, MD

This job posting is no longer available on Stanley Black & Decker. Find similar jobs:Stanley Black & Decker jobs

Summary :
The purpose of this position is to provide leadership in managing and leveraging Stanley Black & Decker’s investment in data loss prevention technologies. It must be able to demonstrate value to the business by showing a steady reduction in policy violations – thereby reducing overall risk to the business by protecting sensitive / proprietary information.

Major Responsibilities :
• Manage the DLP infrastructure – including the management server, Oracle server, and the monitoring servers. Ensure that all DLP infrastructure is kept up and running and that the DLP software is kept up to date.
• Monitor policy violations and report incidents to business process owners.
• Adjust policies to reduce the number of false-positives that a policy might produce.
• Create reports showing policy violations and deliver them to business process owners.
• Working with business process owners, develop remediation strategies to eliminate violations.
• Develop ongoing communications/education programs, targeted to employees, to reduce PII violations.
• Assist with security assessments for acquired companies as well as SBDK internal resources.
• Assist with the support and management of the web content filtering services – ie: Scansafe / anyconnect.
• Assist with the support and management of our event log management services – ie: AlertLogic
• Assist with the support and management of our user account management services – ie: MS FIM
Required Skills:
Expert knowledge in DLP techniques and technologies.
• Expert knowledge in compliance regulations such as SOX, HIPPA, PCI, and PII – both domestic and international.
• Must be able to work independently, must be self-motivated, and demonstrate initiative.
• Must have strong project planning/execution skills, verbal and written communications skills required.
• Must be able to work with all levels within the organization – from senior management to individual contributors.
Preferred Skills:
Working knowledge of vulnerability assessment tools like Rapid7’s Nexpose or similar products
• Working knowledge of Microsoft Forefront Identity Manager or similar Identity and access management solutions.
• Working knowledge of internet mail and the SMTP protocol and SSL/TLS.
• Working knowledge of Microsoft Exchange 2003and 2007.
• Working knowledge of Microsoft Active Directory, Windows 2003, Windows 2007. Windows XP, and Windows7 OS’s.
• Working knowledge of LDAP v3.0, including schema, editing tools, scripting tools, and export/import tools.
• Working knowledge of TCP/IP protocols, down to the packet level.
• Working knowledge of MS Outlook 2003 and Outlook 2007 including the configuration of LAN attached clients and mobile clients.
Education/Minimum Experience :
• 5 years of experience in an IT security role with practical experience in manage key components of an IT security infrastructure.
• BS degree in Information Technology or a related field and at least one IT security certification like the CISSP.

About this company
120 reviews
Since 1843, we’ve set the standard for excellence in everything we do. No company on earth has a stronger or more compelling history...