Data Loss Prevention - Program Lead

Brown Advisory•Baltimore, MD

2d•$140,000 - $170,000

About The Position

Every firm has a culture – the values, beliefs, methodology, attitudes and standards that reflect an organization’s DNA. But the truly inspiring firms – the game-changers, the industry leaders and the disruptors – have cultures that propel them to innovate and stand out. At Brown Advisory, we aim to be one of those inspired firms. Over the years, we have purposefully built and nurtured our client-first culture. Brown Advisory is an independent investment management and strategic advisory firm committed to delivering a combination of first-class performance, strategic advice and the highest level of client service. The firm’s clients—including individuals, families, family offices, endowments, foundations, charities, institutions, consultants, and financial intermediaries—are served by over 1,000 colleagues worldwide, all of whom are equity owners of the firm. Brown Advisory is currently seeking a pragmatic and driven security professional to lead our Data Loss Prevention (DLP) program. This role is designed for someone who combines strong technical capability with program ownership and business judgment. As part of a lean Information Security team within a mid-sized financial services organization, you will play a key role in protecting sensitive client and firm data while enabling business growth. You will operate with autonomy and accountability, partnering closely with Technology, Operations, Compliance, and Client Service teams. This is an opportunity to shape and mature a core security capability within a firm that values thoughtful execution, professionalism, and continuous improvement.

Requirements

Bachelor’s degree in cyber security, computer science, engineering, information systems, or a relevant field.
3–7 years of experience in Information Security or Data Security
Proven analytical and problem-solving abilities.
Hands-on experience with Varonis, Microsoft Purview, and SaaS security controls
Working knowledge of privacy and data protection regulations, including GDPR and CCPA
Experience operating in a regulated environment (financial services preferred)
Ability to manage initiatives independently and drive measurable outcomes
Strong communication skills and comfort working across technical and non-technical teams
Take ownership and move initiatives forward without constant oversight
Balance technical depth with sound business judgment
Approach risk management pragmatically rather than theoretically
Thrive in collaborative, high-accountability environments
Bring an entrepreneurial mindset to building and improving programs
Applicants must be authorized to work in the United States without the need for current or future employer-sponsored work authorization (e.g., H-1B , O-1, F-1 (OPT), TN, or any other non-immigrant visa classifications that require employer support or sponsorship).

Nice To Haves

Microsoft ISAA or other professional security designations preferred.

Responsibilities

Own and mature the firm’s enterprise DLP program from strategy through execution
Administer and optimize: Varonis Microsoft Purview (M365 Compliance, DLP, Information Protection) SaaS security controls for Box, Salesforce, and other cloud platforms
Develop and enforce data classification standards and governance controls
Translate regulatory obligations (GDPR, CCPA, and related privacy frameworks) into practical technical controls
Investigate DLP alerts and work collaboratively to resolve risk events
Provide clear reporting and metrics to leadership on program effectiveness
Identify and close control gaps in a scalable, business-aligned manner