667 words, 2.5 minutes read. By Gerard Blokdyk

Data Loss Prevention 1 big thing: Lead the Go Live activities to deploy the software successfully.

The big picture: Make sure your process reviews alerts detected by the Data Loss Prevention (DLP) tool and follow up with the business units to identify if process changes need to be made.

Why it matters: Certify your company is involved in a technical security engineering or operations role, including network security, operating system security, Internet or Web security, Data Loss Prevention (DLP), anti-malware, IDS/IPS, and penetration and vulnerability testing.

What we’re hearing: “Liaison so that your staff is documenting confirmed cybersecurity incidents by assembling factual information for the incident from all relevant SOC and external sources and coordinating analysis of the assembled information., Senior Principal Quality Assurance Engineer

What they’re saying: “Check that your operation maintains the quality of the Evergreen documentation to ensure the reliability for future related efforts or invest in remediating production incidents., System Engineer

Between the lines: Oversee that your organization is involved in generating daily and monthly reports, including items, as incident and service requests, software updates, and performance analysis for all tools against approved baselines.

Meanwhile: Secure that your personnel is revising and developing processes to strengthen the security operations framework, review policies, and highlight the challenges in managing Service Level Agreements (SLA) of the enterprise systems.

State of play: Secure that your operation analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture.

Yes, but: Invest in the process of implementing and maintaining current and supported levels of Anti Malware and Anti Spam technologies to protect your organization computing environment.

On the flip side: Coordinate and execute system install, configuration, integration, patching, upgrades, and changes ensuring adherence to (internal) client SDLC, ITSM, and other policies and procedures.

The backdrop: Certify your strategy defines and reviews security requirements and subsequently reviews complex systems to determine if they have been designed and established to comply with established standards.

Go deeper: Provide technical expertise as you communicate security architectural decisions, benefits, risks and other activities including vendor reviews, requirement definition, facilitation of security testing, and management of residual risk.

Be smart: Make sure the l Information System Security Officer (ISSO) supports all Risk Management Framework (RMF) activities including the process managing security and privacy risk, including information system categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.

The bottom line: Make sure the Data Security Manager is responsible for driving the security assessment program designed to identify and mitigate security risks as they relate to data.

What’s next: Design, deployment, and/or operation or traditional security technology, firewalls, anti-virus, intrusion detection/prevention (IDS/IPS), and associated routing and switching/networking skills (required).

ICYMI: Make headway so that your operation is involved in secure configuration of third party security products/services (DLP, Patch Management, Antivirus) and IT management products/services (Asset Management, Configuration Management ).


Look inside the Data Loss Prevention Kanban:



Want to reuse this data? Purchase your license here:

One-time payment for perpetual commercial re-use



Questions? Email us HERE


 

Get started: store.theartofservice.com/Data-Loss-Prevention-critical-capabilities/

 


Trusted by: Principal Financial Group, Molina Healthcare, North Carolina Dept of Revenue, US Office of the Chief Human Capital Officer, Liberty Mutual Insurance, US Office of General Counsel, Sierra Space, Blue Cross and Blue Shield of North Carolina, HCA Healthcare, US Defense Contract Management Agency, The Hanover Insurance Group, US Defense Threat Reduction Agency, Anthem, SPECTRUM, Logistics Integration Solutions (LIS), CorTech, Inseego, Benu Networks, EENetworks, Hurricane Electric, Amazon Web Services, Inc., Area 1 Security, AT&T, Crown Castle, Raytheon Intelligence & Space, Reasons could include: the employer is not accepting applications, is not actively hiring, or is reviewing applications, Goldbelt, Inc., Virginia Tech, Microsoft, BRMi, Crown Castle USA Inc., Dell Technologies, Oracle, Frontier Communications, Prisma Health, Applied Computer Techniques(Apcote), General Dynamics Information Technology, MetroNet, Peraton, Security PS, nFrastructure, Internap Holding LLC, University System of New Hampshire, ACI Federal™, Bryant Staffing Solutions, Bigleaf Networks, Juniper Networks, Boston College, ID Technologies, Itron, ManTech International Corporation, Parsons, Diamanti, Amazon.com Services LLC, CommScope, LTS, Sparklight, E&M Technologies, GCI, PacArctic LLC, IP Infusion Inc., NVIDIA, AlignTech, University of North Texas System, Booz Allen Hamilton, Race Communications, Kingfisher Systems, Inc., Arista Networks, TekSynap, Cohesity, Cognosante, LLC, eBay Inc., Leidos, Ukpeagvik Iñupiat Corporation/Bowhead Family of Companies, KGI Wireless, Lear Corporation, KROS-WISE, Intel, rtbrick.com, Zero Day Group, Google, Philips