The Middle Data Governance Analyst will play a critical role in supporting the organization’s data protection and cyber governance program. This position focuses on the daily operation, monitoring, and management of data security platforms including Code42 (Insider Risk), Microsoft Purview (Data Loss Prevention & Information Protection), and Zscaler (Secure Web Gateway / Cloud DLP).

The ideal candidate is detail-oriented, technically curious, and eager to learn how to safeguard sensitive data across the enterprise. Working under the guidance of senior team members, this role ensures that data activity is continuously monitored, incidents are escalated appropriately, and governance policies are effectively enforced.

Data Security & Monitoring

• Monitor alerts, logs, and dashboards in Code42, Microsoft Purview, and Zscaler for indicators of data loss, misuse, or policy violations.
• Conduct initial triage of alerts to determine severity and business impact.
• Escalate incidents to the cybersecurity or insider threat teams based on defined playbooks and escalation criteria.
• Support ongoing tuning of detection rules, policies, and risk thresholds.
• Maintain daily health checks and ensure system uptime and data integrity across all data protection platforms.

Platform Operations & Maintenance

• Perform validation and testing of new data protection policies before deployment.
• Assist in integration efforts between data governance tools, SIEM platforms, and incident response systems.

Data Governance & Compliance Support

• Support data classification, retention, and protection initiatives in collaboration with privacy, compliance, and information security stakeholders.
• Help maintain and document data governance procedures, standards, and audit evidence.
• Participate in periodic reviews of data access, policy compliance, and exception management.
• Contribute to awareness and training efforts around secure data handling and insider risk prevention.
• Collaborate on continuous improvement initiatives to enhance automation, reduce risk, and improve user experience.

• 3 - 5 years of experience in Cybersecurity, Security Operations (SOC), Data Security, or GRC with exposure to data protection 
• Experience monitoring security alerts and logs, including triage, analysis, and escalation of incidents (e.g., SIEM)
• Basic to intermediate understanding of Data Loss Prevention (DLP) and data security concepts, including data classification, data handling, and insider risk.
• Experience using data security or monitoring tools such as Microsoft Purview, Code42 or Zscaler.
• Experience supporting incident response processes.
• Exposure to policy enforcement and rule tuning, with the ability to support adjustments to detection rules and thresholds
• Ability to document processes, incidents, and audit evidence in a clear and structured manner.
• Strong communication skills in English (written and verbal) to work with global stakeholders.
• Familiarity with NIST CSF (nice to have)