Cyber Security Analyst II

As a Cyber Security Analyst for Data Protection, you will play a key role in protecting AES enterprise data by working with a highly skilled team tasked with detecting, preventing, and responding to data loss and insider threats. This role requires hands-on technical proficiency in cybersecurity tools, scripting, and automation, combined with a strong understanding of data protection standards and compliance requirements. You will serve as a subject matter expert in data security technologies and help ensure technical enforcement of data protection strategies across the enterprise.

• Support the technical implementation and management of data governance and protection tools to ensure compliance with internal and external standards.
• Collaborate in the design, implement, and refine data protection processes and controls, including DLP rulesets, insider risk indicators, and automated remediation workflows.
• Maintain detailed documentation of system configurations, protection measures, and automated detection rules to support auditing and continuous improvement.
• Support the development and delivery of end-user training sessions and documentation to promote awareness and correct use of cyber policies and security technologies.
• Perform hands-on monitoring and tuning of SIEM/SOAR platforms such as Google SecOps and Exabeam, including building correlation rules and dashboards.
• Collaborate with engineers and system owners to integrate Microsoft Purview, Microsoft Defender, and related Microsoft security tools into enterprise workflows.
• Use scripting languages (e.g., Python, PowerShell, MS Graph) to automate detection, reporting, and response mechanisms for security events.
• Support data classification implementation and tag propagation throughout enterprise data environments.
• Develop Power BI dashboards and visualizations to report key security metrics, incidents, and policy enforcement trends.
• Perform technical impact assessments and provide guidance on security architecture for new systems or business processes involving sensitive data.
• Review and validate access control implementations across systems to ensure proper segmentation and privilege enforcement.
• Analyze data activity and audit logs for anomalies or policy violations, coordinating with stakeholders for remediation.
• Use Jira to track and manage assigned tasks, incidents, and requests related to data protection activities, ensuring timely updates and accurate documentation throughout the workflow.
• Respond to incidents involving data loss or policy violations, using forensic techniques and investigation tools as needed.

• Minimum of 4 years of experience in cybersecurity with a focus on technical execution of data protection strategies.
• Proficiency in SIEM/SOAR tools, and integration of security telemetry from endpoints, proxies, and Microsoft cloud services.
• Experience with data classification, lifecycle management, and structured policy enforcement using Microsoft Purview.
• Working knowledge of regulatory standards and data privacy frameworks (e.g., GDPR, CCPA) and how they are applied through technical controls.
• Ability to automate security tasks using Python, PowerShell, and Microsoft Graph API.
• Experience with log analysis, alert tuning, and forensic investigations related to data access and movement.
• Experience designing and maintaining dashboards in Power BI to support visibility into security posture and incident trends.
• Comfortable managing technical documentation and delivering security training to end users.
• Experience using Jira to manage tasks and document processes in a collaborative team environment.

• Certifications such as CISSP, CISM, CIPP/E, or CIPT that validate both technical and governance knowledge.
• Hands-on experience integrating DLP and insider risk controls across cloud and hybrid environments.
• Familiarity with NIST Cybersecurity Framework and ISO 27001 implementation from a technical perspective.
• Strong analytical and problem-solving abilities, with the ability to assess and respond to complex threats.
• Proven ability to work closely with IT, engineering, and compliance teams to operationalize data protection initiatives.
• Demonstrated ability to take initiative and drive tasks to completion with minimal supervision.
• Comfortable working independently and managing priorities in a dynamic, fast-paced environment.
• Proactive in identifying areas for improvement and offering solutions without waiting for direction.
• Fluency in Spanish (written and spoken).