DLP Testing Analyst

Department: IT Operations

Employment Type: Permanent - Full Time

Location: London

Reporting To: Kirsty Kelly

We are looking for a detail-oriented and analytical DLP Analyst to join our CISO team. In this role, you will play a critical part in protecting sensitive data across our organization by monitoring, managing, and responding to data loss prevention (DLP) alerts. As part of the CISO team, you’ll support the ongoing operations and improvement of our DLP capabilities and be the first line of investigation and escalation for potential data policy violations.

Reporting to the Head of Information Security, you will work directly with IT, HR, compliance, and business stakeholders to investigate, document, and help resolve data protection issues.

Within this role, you will be responsible for:

• Monitoring and analysing alerts generated by DLP tools to identify potential data exfiltration and misuse
• Triaging alerts, assessing risk levels, and prioritising incidents for investigation.
• Conducting in-depth investigations of potential DLP policy breaches using available tools and logs. You will document findings and write clear, structured investigation reports for the Head of Information Security
• Escalating high-risk incidents to the Group CISO or repeat offenses for further action or disciplinary review with HR.
• Supporting the management, tuning, and improvement of DLP tools and rulesets to reduce false positives and increase detection accuracy.
• Collaborating with IT or third-party providers to ensure DLP systems are operational, updated, and aligned with business needs and regulation requirements.
• Producing clear, data-driven monthly reports and presentations for the Group CISO summarising DLP activity, trends, and incident statistics.
• Identifying emerging risks or patterns and make recommendations for policy or control improvements.
• Contributing to the enhancement of DLP policies and related documentation.
• Supporting awareness efforts by identifying areas where training or guidance can help reduce accidental data breaches.

The ideal candidate for this role will have prior experience in a security operations, DLP, or compliance-focused roles. Within this role, they would have gained:

• Experience using DLP technologies (e.g., Microsoft Purview, Symantec, Forcepoint, or similar).
• Familiarity with data classification, data handling standards, and regulatory requirements (e.g., NYDFS, GDPR).
• Knowledge of insider threat detection and user behavior analytics (UBA).
• Exposure to security incident and event management (SIEM) tools.

Love what you do:

We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.

Challenge everything:

We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.

Have fun, be good:

Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.