POSITION OVERVIEW
Fidelity National Financial (FNF) is seeking a DLP Security Analyst to join our Information Security Office’s Defend Team. The DLP Security Analyst safeguards the organization’s sensitive data across endpoints, email, cloud services, and on-prem systems. This role operates DLP technologies, analyzes incidents, partners with the Engineering Team, Privacy/Legal Team, and helps continually improve controls to reduce data exfiltration risk while enabling business productivity. You’ll be the front line for protecting confidential data (PII, PHI, PCI, IP) through event triage, forensic analysis, and response.
LOCATION
- This role sits 100% remote.
DUTIES & RESPONSIBILITIES
- Monitor DLP alerts across channels (endpoint, network/email, cloud/SaaS) and prioritize, triage, and investigate events.
- Perform evidence collection, and root cause analysis; escalate true positives to IR/SOC as needed.
- Document incident timelines and outcomes; maintain high-quality case notes and playbooks.
- Reduce false positives by accurately marking events during triage for reporting to the Engineering Team.
- Operate in DLP platforms (e.g., Proofpoint, Zscaler)
- Track and report KPIs (e.g., alert volumes, false-positive rate, mean time to triage/contain, coverage, repeat offenders).
- Identify emerging patterns (exfil paths, channels, departments) and propose control or process improvements.
- Review the DLP queue, triage top-priority alerts, and conduct investigations.
- Meet with Legal/Privacy to align on policy thresholds; brief IR/SOC on new exfil patterns.
- Generate weekly metrics; propose an improvement plan (e.g., labeling adoption or coaching campaigns).
- Participate in post-incident reviews and update playbooks.
MINIMUM REQUIREMENTS
- Bachelor’s degree or the equivalent combination of education, training, and work experience.
- Requires 1 – 3+ years in security operations, IR/SOC, or DLP-focused roles.
- Hands-on experience with one or more DLP platforms (e.g., Microsoft Purview DLP/Endpoint DLP, Symantec/Broadcom, Zscaler, Proofpoint).
- Some Working knowledge of data classification, encryption, endpoint controls, email security, CASB, and cloud security concepts.
- Understanding of regulatory requirements (e.g., PCI, HIPAA, SOX, GLBA) and privacy principles.
- Excellent analytical, documentation, communication, and complex thinking skills
PREFERRED EXPERIENCE
- Experience partnering with Legal, Privacy, Compliance, and HR teams on data protection initiatives and investigations.
- Scripting or automation experience (PowerShell, Python, or similar) to support DLP reporting, alerting, or operational efficiencies.
- Relevant security certifications preferred (such as CISSP, CISM, GIAC, or Microsoft Security certifications).
This position has the potential to earn compensation in the range of $75,000 - $100,000 annually based on location and job-related factors such as skillset and experience. Actual rate may vary within the range provided, depending on a number of factors, including skillset, experience and location. The base compensation is one component of the total rewards package offered to our employees, including optional health and welfare insurance (medical/dental/vision/life/disability); paid holidays, vacation, and sick time off; and matching 401(k) plan and matching employee stock purchase plan.
