About the role

This is an ideal opportunity for a highly motivated individual to get in on the ground floor as we build out our Professional Services and Managed Services functions at Cyberhaven. The Data Protection Analyst-Lead holds a key position in providing continuous value for our customers and is responsible for advancing the mission of identifying potential insider threats and investigating endpoint forensic incidents. You will be responsible for performing technical analysis of data security incidents, finding and exposing risk in a customers environment as well as handling documentation and project management aspects of incident response. You will also perform analysis of events and incidents. You will also act as a lead for some of the other analysts.

What you’ll do

• Provide insight into DLP analytics and related issues.

• Analyze Cyberhaven’s Data Detection and Response (DDR) platform event data to improve policies and incidents/alerts and bring focus to areas where data loss risk may exist.

• Refine datasets and policies and manage them as customers’ data risk strategy matures and business needs evolve.

• Prepare and present summaries and reports to internal team members.

• Eliminate noise and false-positive information from analytic results to enhance detection accuracy.

• Conduct forensic analysis on people, groups, and non sanctioned egress destinations as requested.

• Act as a leader in helping to keep track of client progression, client satisfaction and account load

Who you are

• 1-2 years of experience in a lead or management role

• 2–5 years with data protection or adjacent security tools (EDR, SIEM, SOAR) and 2+ years in Insider Threat/InfoSec.

• Strong grasp of endpoint protection best practices and incident mitigation workflows.

• Experience with DLP, Insider Threat, CASB and controls for handling sensitive data.

• Comfortable across macOS, Linux, Windows and cloud platforms (AWS, GCP, Azure).

• Data & automation: SQL for analysis; build/maintain dashboards; edit XML-based DLP rules; script and use APIs.

• Excellent problem-solving and communication skills; collaborative on a global team; customer-centric with a passion for cloud security and emerging tech.

Joining Cyberhaven is a chance to revolutionize data security. Traditional tools fall short, but we’ve reimagined protection with AI-enabled data lineage that analyzes billions of workflows to understand data, detect risk, and stop threats. Backed by $250M from leading investors like Khosla and Redpoint, our team includes leaders who built industry-defining technologies at CrowdStrike, Palo Alto Networks, Meta, Google, and more. This role lets you shape the future of data security, alongside experts driven to help customers protect their most valuable information.

Cyberhaven is committed to creating a diverse environment and is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.