Data Protection & Investigations Engineer

Arista was founded to deliver software defined cloud networking solutions for large data center and high-performance computing environments. With more than one million cloud networking ports being deployed worldwide, Arista delivers a portfolio of 1/10/40 and 100GbE products that redefine network architectures, bring extensibility to networking, and dramatically change the price/performance of data center networks. 

 Overview:

We are seeking a highly skilled and deeply technical Data Protection & Investigations Engineer to join our Cybersecurity team. This critical role is responsible for safeguarding our most sensitive data assets by operating and maturing our Data Loss Prevention (DLP) program and leading complex security investigations involving data misuse, intellectual property theft, compromise, and policy violations. The ideal candidate will possess expert-level proficiency in security tooling and a proven ability to conduct detailed technical forensic analysis while maintaining professional collaboration with Legal counsel and executive leadership, including the CISO.

Key Responsibilities:

• Monitor and triage security alerts.
• Serve as the subject matter expert for the enterprise DLP platform, driving its policy creation, detections, testing, tuning, and investigations process.
• Collaborate with business units and data owners to define and implement robust data protection policies and rules that balance security with operational efficiency.
• Monitor, triage, and respond to high-priority DLP alerts, escalating findings appropriately while minimizing false positives.
• Evaluate and integrate new data protection technologies to enhance overall data security posture.
• Lead and conduct highly sensitive, deep-dive technical investigations into complex security events and potential data exfiltration scenarios.
• Utilize Endpoint Detection and Response (EDR) platforms, network telemetry, log analysis, and digital forensics methodologies to construct factual timelines and evidence packages.
• Analyze user behavior, data flows, and endpoint activity to identify patterns of risk and policy violations related to critical data assets.
• Develop, refine, and execute investigation playbooks and procedures to ensure consistency and defensibility of evidence.
• Drive the Data Protection and associated security functions and processes
• Act as the primary technical liaison for investigations, collaborating closely with Legal, Human Resources, and the CISO to ensure all activities adhere to legal and privacy requirements.
• Prepare detailed, clear, and legally defensible investigation reports and evidence summaries suitable for executive review and legal proceedings.
• Provide professional briefings and analysis directly to the CISO on high-risk matters, data trends, and the overall health of the Data Protection program.
• Translate complex technical security issues into understandable business risks for non-technical audiences.
• Manage and adhere to the KPIs and executive reporting for the security function.

• Bachelor’s degree in Computer Science, Information Security, or a related technical field, or equivalent practical experience.
• 5+ years of experience in information security, with a minimum of 3 years dedicated to security investigations, forensics, or advanced threat analysis.
• Expert proficiency in operating, administering, and investigating alerts from enterprise Data Loss Prevention (DLP) solutions. 
• Deep, hands-on experience conducting investigations utilizing Endpoint Detection and Response (EDR) tools including advanced querying and remote live response.
• Proven ability to work with sensitive, confidential information and maintain absolute discretion.
• Strong working knowledge of legal holds, chain-of-custody procedures, and eDiscovery processes.

Skills and Attributes:

• Exceptional critical thinking and analytical skills to address complex security challenges.
• Self-starter with a proven ability to take initiative and deliver results independently.
• Driven mindset, thriving in fast-paced, high-pressure remote work environments.
• Strong understanding of cybersecurity principles, threat landscapes, and attack vectors.
• High attention to detail and ability to make sound decisions under pressure.
• Demonstrated commitment to continuous learning and professional development in cybersecurity.

Nice-to-Have:

• Write and optimize detections to detect and investigate security events.
• Knowledge of cloud security (GCP, AWS, and or Azure).
• Relevant industry certifications (e.g., CISSP, GCIA, GCIH, EnCE, GCFE).
• Experience in automation and artificial intelligence prompting 
• Familiarity with Data Privacy Regulations (e.g., GDPR, CCPA, HIPAA) and their impact on data protection policy.
• Experience with User Entity Behavior Analytics (UEBA) platforms.

What We Offer:

• Competitive salary and comprehensive benefits, including health, dental, and vision insurance (where applicable).
• Opportunities for professional growth for motivated individuals.
• A high-performance, no-excuses remote work environment that rewards initiative and accountability.

Arista Networks is an equal opportunity employer.  Arista makes all hiring and employment-related decisions in a non-discriminatory manner without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or any other factor determined to be unlawful under applicable federal, state, or law law.  All your information will be kept confidential according to EEO guidelines.

Arista Networks is an equal opportunity employer.  Arista makes all hiring and employment-related decisions in a non-discriminatory manner without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or any other factor determined to be unlawful under applicable federal, state, or law law.  All your information will be kept confidential according to EEO guidelines.