Cybersecurity Expert DLP (m/f/x)

Corporate Information Technology (CIT) is the central part of the company’s strategy, developing and implementing innovative security solutions to enhance efficiency and competitiveness in the Carl Zeiss Group. By working closely with various business units, CIT ensures that technological advancements and digital transformations are seamlessly integrated into business processes.

• Develop and maintain a solution-agnostic, high-level DLP framework that defines clear implementation guardrails and compliance criteria.

• Define and document standardized rules and decision trees for consistent handling of DLP exceptions.

• Monitor DLP alerts via the SIEM dashboard, perform initial triage, and support risk-based prioritization.

• Analyze DLP incidents to assess severity and drive resolution or escalation in line with established workflows.

• Document and manage DLP-related incidents, ensuring alignment with the DLP playbook.

• Review trends in DLP alerts and exceptions to identify systemic issues and propose process improvements.

• Collaborate with SOC, IT teams, and data owners to enhance detection logic, reduce false positives, and increase DLP coverage.

• Prepare and deliver regular and ad-hoc reports on DLP activities, exceptions, and long-term developments.

As a Cybersecurity Expert for Data Loss Prevention (DLP) at ZEISS, you will be responsible for shaping and operationalizing our DLP framework to protect sensitive information and ensure compliance with internal policies and regulatory requirements. Your role focuses on monitoring, analyzing, and optimizing DLP processes and controls, while collaborating with cross-functional stakeholders such as the Security Operations Center, IT, Legal, and Data Governance.

• Degree in Information Security, Computer Science, or a related technical field.

• At least 3 years of experience in data loss prevention, information security monitoring, or cybersecurity operations.

• Experience with DLP platforms (e.g., Microsoft Purview, Symantec DLP, or Forcepoint), SIEM tools, and alert triage processes.

• Familiarity with data protection regulations (e.g., GDPR, NIS2) and internal compliance requirements.

• Strong understanding of data classification, sensitive data types, and protection mechanisms.

• Ability to analyze structured and unstructured alert data and identify anomalies or compliance gaps.

• Experience in documenting exception handling processes and building security decision trees.

• Excellent communication skills and ability to present findings to technical and non-technical audiences.

Your ZEISS Recruiting Team: