Data Loss Prevention; DLP Analyst
Listed on 2026-01-27
IT/Tech
Cybersecurity, Data Security, Information Security
Join to apply for the Data Loss Prevention (DLP) Analyst role at Nightfall AI
About Nightfall: Nightfall is the AI-native, unified data loss prevention and insider risk management platform that protects sensitive data across SaaS apps, GenAI tools, email, endpoint devices, and more. Hundreds of customers, spanning AI innovators to top 10 banks, trust Nightfall to detect and stop data exfiltration. Nightfall enables organizations to innovate freely without the risks of losing intellectual property or exposing customer data.
Our agentic platform helps security teams regain their time by putting data loss prevention on autopilot. With automatic remediation, security violations can be resolved automatically before they become incidents, and end‑users can be automatically trained and coached in the moment to self‑heal violations that they introduce.
Nightfall is backed by leading VC firms including Bain Capital Ventures (Enrique Salem – former CEO of Symantec), Venrock (early investors in Cloudflare), West Bridge Capital, Pear VC (early investors in Dropbox and DoorDash), and a cadre of cybersecurity leaders including Frederic Kerrest (founder of Okta), Maynard Webb (former COO of eBay), Ryan Carlson (President of Chainguard), Kevin Mandia (founder of Mandiant), and many others.
About the role
As a DLP Analyst at Nightfall, you’ll be at the forefront of protecting our customers' most sensitive data. You’ll become an expert on Nightfall's DLP platform, working directly with security teams to operationalize data loss prevention across their organizations. This hands‑on role combines technical depth, investigative skills, and customer obsession to help enterprises detect, investigate, and prevent data exfiltration incidents while maintaining employee productivity.
You'll work closely with customers' security operations teams to monitor data movement, investigate alerts, tune detection policies, and provide strategic guidance on insider threat mitigation. This role requires someone who can balance technical precision with business judgment – understanding when an alert represents a genuine security incident versus legitimate business activity.
Key Responsibilities
Alert Monitoring & Incident Response
- Monitor and analyze DLP alerts across endpoint, browsers, SaaS, and AI applications to identify potential data exfiltration events, policy violations, and insider threats.
- Conduct real‑time triage of security alerts, distinguishing between true positives and false positives using behavioral context, data lineage analysis, and sensitive findings.
- Perform detailed forensic investigations into data loss incidents, analyzing user activity, data movement patterns, and exfiltration vectors (email, web uploads, removable storage, print, source code exfiltration, desktop apps, GenAI apps, etc.).
- Understand and follow incident response processes and escalation procedures, coordinating with customer incident response teams on high‑severity cases.
- Document investigation findings, evidence trails, and remediation recommendations with clear, actionable reports.
- Configure and maintain DLP policies based on customer data classification schemes, compliance requirements (GDPR, HIPAA, PCI‑DSS, SOX), and business objectives.
- Continuously tune detection rules and sensitivity thresholds to reduce false positives while maintaining high detection accuracy.
- Identify patterns in alert data to recommend new use cases, detection methods, and policy improvements.
- Work with customers to develop custom detection policies for industry‑specific sensitive data types and unique organizational requirements.
- Establish baselines for normal user behavior by role, department, and geography to improve anomaly detection.
- Serve as a trusted technical advisor and subject matter expert on data protection, DLP best practices, and insider threat management.
- Conduct regular operational reviews with customers to share insights on data risk trends, policy effectiveness, and program maturity.
- Educate customer security teams on using Nightfall's platform effectively, including investigation workflows,…