Data Loss Prevention (DLP) Analyst jobs in United States

Nightfall AI · 1 month ago

Data Loss Prevention (DLP) Analyst

Nightfall AI is an AI-native platform specializing in data loss prevention and insider risk management. As a DLP Analyst, you will protect sensitive data by operationalizing data loss prevention, monitoring alerts, conducting investigations, and advising customers on best practices to mitigate insider threats.

Analytics, Artificial Intelligence (AI), Cloud Data Services, Data Center Automation, Machine Learning, SaaS
H1B Sponsor Likely

Responsibilities

Monitor and analyze DLP alerts across endpoint, browsers, SaaS, and AI applications to identify potential data exfiltration events, policy violations, and insider threats
Conduct real-time triage of security alerts, distinguishing between true positives and false positives using behavioral context, data lineage analysis and sensitive findings
Perform detailed forensic investigations into data loss incidents, analyzing user activity, data movement patterns, and exfiltration vectors (email, web uploads, removable storage, print, source code exfiltration, desktop apps, GenAI apps, etc.)
Understand and follow incident response processes and escalation procedures, coordinating with customer incident response teams on high-severity cases
Document investigation findings, evidence trails, and remediation recommendations with clear, actionable reports
Configure and maintain DLP policies based on customer data classification schemes, compliance requirements (GDPR, HIPAA, PCI-DSS, SOX), and business objectives
Continuously tune detection rules and sensitivity thresholds to reduce false positives while maintaining high detection accuracy
Identify patterns in alert data to recommend new use cases, detection methods, and policy improvements
Work with customers to develop custom detection policies for industry-specific sensitive data types and unique organizational requirements
Establish baselines for normal user behavior by role, department, and geography to improve anomaly detection
Serve as a trusted technical advisor and subject matter expert on data protection, DLP best practices, and insider threat management
Conduct regular operational reviews with customers to share insights on data risk trends, policy effectiveness, and program maturity
Educate customer security teams on using Nightfall's platform effectively, including investigation workflows, reporting capabilities, onboarding and deployment best practices
Understand customer business context to deliver relevant, actionable security guidance - not just alerts, but answers to 'why this matters' and 'what to do next'
Administer Nightfall's DLP solution including agent deployment, policy configuration, integration setup, and performance monitoring
Troubleshoot technical issues with endpoint agents, browser extensions, and SaaS integrations
Work with Nightfall engineering teams to report bugs, provide product feedback, and contribute to feature development based on customer needs
Stay current on Nightfall platform updates, new capabilities, and best practices to maximize value for customers
Coordinate with internal teams (Sales Engineering, Customer Success, Product) to ensure successful customer outcomes
Stay informed about emerging insider threat trends, data exfiltration techniques, and adversary tactics, techniques, and procedures (TTPs)
Analyze external DLP market developments and competitive intelligence to inform customer guidance
Contribute to Nightfall's insider risk intelligence by documenting novel attack patterns, evasion techniques, and detection methods
Compile and deliver executive-level reports with clear metrics, data visualizations, and risk assessments
Track key performance indicators: detection accuracy, false positive rates, mean time to detect/respond, policy coverage, data at risk
Provide business impact analysis showing how the DLP program prevents data loss, supports compliance, and enables secure business operations
Develop recommendations for continuous program improvement based on operational data and industry benchmarks

Qualification

DLP tools experience, DLP administration skills, Incident response processes, Data classification methodologies, Compliance frameworks knowledge, Analytical skills, SIEM platforms experience, Scripting skills, Endpoint security understanding, SaaS security knowledge, Customer collaboration

Required

3-5 years of experience in information security, with at least 2 years focused on data loss prevention (DLP), insider threat, or data protection technologies
Hands-on experience with DLP tools (e.g., Forcepoint, Symantec, McAfee, Digital Guardian, Microsoft Purview, or other enterprise DLP solutions)
Proven DLP administration skills: configuring policies, tuning detection rules, managing agents, generating reports, and performing incident investigations
Strong understanding of data classification methodologies, sensitive data types (PII, PHI, PCI, IP, credentials), and regex/pattern matching for content inspection
Experience with incident response processes, forensic investigation techniques, and security event escalation workflows
Knowledge of compliance frameworks and regulations: GDPR, HIPAA, PCI-DSS, SOX, and their data protection requirements
Strong analytical skills - ability to analyze complex, multivariate security problems and use systematic approaches to reach resolution
Experience with SIEM platforms, SOAR tools, or log analysis software (Splunk, ELK, Tines, etc.)
Familiarity with User and Entity Behavior Analytics (UEBA) and behavioral risk indicators
Understanding of endpoint security, including macOS, Windows, and browser platforms
Knowledge of SaaS security, CASB solutions, and cloud application architectures (Office 365, Google Workspace, Slack, GitHub, Salesforce, etc.)
Basic scripting skills (Python, PowerShell, Bash) for automation and data analysis

Preferred

Prior experience with Nightfall, Cyberhaven, Code42, DTEX, Proofpoint, or similar DLP/insider risk platforms
Background in Security Operations Center (SOC) operations, threat hunting, or blue team activities
Knowledge of machine learning/AI-based detection systems and how they improve upon traditional pattern-matching approaches
Understanding of API security, OAuth flows, and integration architectures for SaaS platforms
Contributions to security community: blog posts, speaking engagements, open-source projects, or threat research

Company

Nightfall AI

Nightfall AI is the AI-native, all-in-one data loss prevention platform.

H1B Sponsorship

Nightfall AI has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (3)
2024 (5)
2023 (5)
2022 (3)
2021 (2)
2020 (1)

Funding

Current Stage
Growth Stage
Total Funding
$60.3M
Key Investors
WestBridge Capital
2022-08-10: Series B · $40M
2019-11-07: Series A · $20.3M
2018-11-26: Seed

Leadership Team

Rohan Sathe
Co-Founder & CEO
Isaac Madan
Co-Founder & President
Company data provided by crunchbase