Cyber Security Analyst - Data Loss Prevention

We are looking for a Cyber Security Analyst - Data Loss Prevention (DLP) to help protect Asda's sensitive information and strengthen our data security posture. This role will focus on the design, monitoring, and operation of DLP capabilities, with a primary focus on Microsoft Purview and Zscaler platforms.

• Operate and optimise Asda's DLP tools (Microsoft Purview Information Protection & Zscaler) to detect, investigate, and prevent potential data loss events.
• Monitor DLP alerts, triage and escalation incidents, working with SOC, Legal, HR, and business teams where appropriate.
• Collaborate with business stakeholders to define DLP rules, policies, and exceptions that balance security, usability, and compliance.
• Support integration of DLP with broader security and compliance initiatives (insider risk, governance, monitoring, cloud security).
• Provide recommendations for continuous improvement of data protection controls, coverage, and workflows.
• Develop and maintain playbooks and runbooks for common DLP events and escalation scenarios.
• Produce reporting and metrics on DLP activity, effectiveness, and trends for leadership and governance forums.
• Support awareness and training efforts to embed a strong data protection culture across the business.

• Effective detection and response to data loss attempts across email, endpoint, cloud, and web channels.
• Reduction in false positives and improved precision of DLP controls.
• Stakeholders (Technology, Risk, Legal, HR, Business Units) feel supported and confident in Asda's ability to protect sensitive information.
• Continuous improvement of DLP capability, aligned with emerging threats and business priorities.

• Hands‑on experience with Microsoft Purview Information Protection / DLP and Zscaler security tools.
• Knowledge of data protection and insider risk threats, controls, and investigative techniques.
• Understanding of regulatory and contractual requirements for data protection (e.g., GDPR, PCI DSS).
• Familiarity with security operations processes: alert triage, incident response, playbooks.
• Strong analytical and problem‑solving skills; ability to interpret DLP events in context of business processes.
• Clear communication skills – able to explain data protection risks and requirements to technical and non‑technical stakeholders.

• Microsoft certifications (e.g., SC‑400, SC‑900, MS‑500).
• Experience in large‑scale enterprise environments.
• Knowledge of wider Microsoft security stack (Entra ID, Sentinel, Defender).

Be part of a growing Cyber Security function protecting one of the UK's largest retailers.

Opportunity to work hands‑on with Microsoft's latest security stack and Zscaler platforms.

A collaborative and values‑led culture with real career growth opportunities.

Hybrid working, competitive benefits, and the chance to make a real impact for millions of customers and colleagues.

• Discretionary company bonus
• Company pension up to 7% matched
• 15% colleague discount in store and online
• Free access to wellbeing services such as Wagestream, 24/7 virtual GP, counselling, health and dental cash plans and a 24/7 employee assistance helpline, alongside discounts across a range of services and activities, from airport parking, enhanced to theme parks and cinemas.
• Asda Allies Inclusion Networks – helping colleagues to make sure everybody is included and that our differences are recognised and celebrated
• Excellent parental leave policies, including maternity & adoption leave, paternity leave, shared parental leave, neonatal care leave, and support for those doing fertility treatments.
• We want all colleagues to be able to bring their best and true selves to work, every day. Simply put, we want our colleagues to be proud to be Asda and proud to be themselves.

• We are one team: success is shared across Technology, Risk, Operations, Stores, and Supply Chain.
• We are customer‑obsessed: keeping customer trust at the centre of our decision‑making.
• We are bold and innovative: continuously adapting to protect against new threats.
• We are ethical and transparent: doing the right thing, the right way.