Binance - SOC Engineer (Incident Response)

• Design, deploy, and optimize DLP solutions across network, endpoint, and cloud. • Build and refine data classification schemes for sensitive assets (wallets, trading algorithms, customer PII). • Configure DLP policies to prevent data exfiltration while minimizing false positives. • Monitor, analyze, and tune alerts and incidents for continuous improvement. • Lead investigations of DLP incidents and insider threats, • Conduct threat hunting and forensic analysis of data exfiltration attempts. • Integrate DLP monitoring into broader SOC workflows and incident response playbooks. • Build custom DLP tools and integrations (e.g., macOS Swift endpoint protection, Unix socket monitoring). • Develop automation scripts, APIs, regexes and integrations to enhance detection and response. • Explore AI/LLM-driven methods for anomaly detection and response efficiency. • Ensure controls align with crypto and financial regulations (AML, KYC, GDPR, CCPA). • Support audits and regulatory reviews related to data protection. • Assess and mitigate data loss risks across trading platforms, onboarding systems, and blockchain infrastructure.