Description :

This DLP & CASB L2 Engineer position is responsible for the operational management, investigation, and maintenance of data protection systems. The ideal candidate will possess hands-on experience with DLP and CASB platforms such as Forcepoint and Netskope, and the ability to collaborate effectively across security and business teams.

Key Responsibilities :

- Review and validate DLP and CASB alerts escalated by L1 analysts.

- Investigate potential data exfiltration, misuse, or policy violations across email, endpoint, and web channels.

- Escalate confirmed incidents to L3 SMEs or Incident Response teams with detailed context and evidence

- Collaborate with DLP/CASB SMEs to fine-tune detection rules and reduce false positives.

- Implement rule changes based on business requirements (typically 1050 per month for CASB)

- Support policy lifecycle management, including testing, deployment, and rollback procedures.

- Monitor the operational health of DLP and CASB platforms (e.g., Forcepoint, Netskope).

- Ensure integration with SIEM and ticketing systems is functioning correctly.

- Coordinate with OEMs and platform teams for patching, upgrades, and troubleshooting

- Maintain incident logs, RCA documentation, and policy change records.

- Contribute to monthly dashboards and SLA/KPI reporting for DLP/CASB operations

- Participate in governance reviews and client-facing reporting sessions.

- Work closely with L1 monitoring teams to guide triage and escalation practices.

- Support cross-skilling initiatives and contribute to SOP development

- Participate in threat modelling and use case development for data protection.