Data Protection Content Engineer

About The Position

Requirements

• At least 8 years of related experience in software engineering, including enterprise application delivery.
• 5–8+ years of experience in data protection, DLP, or information security engineering.
• Hands‑on experience with Microsoft Purview (DLP, Information Protection, labeling, DSPM).
• Proven background engineering content in Zscaler, Symantec, or equivalent enterprise data security platforms.
• Strong understanding of structured and unstructured data types and common data movement patterns.
• Experience working in a regulated enterprise environment, with the ability to produce documentation that stands up to audit and second‑line review.

Nice To Haves

• Experience supporting or securing cloud collaboration platforms and SaaS services.
• Familiarity with AI adjacent risk controls (e.g., AI proxies, GenAI usage controls).
• Prior experience building or operating new security capabilities or programs.

Responsibilities

• Design, build, and maintain data loss prevention (DLP) policies, detection rules, and classifier logic across enterprise enforcement points, including DLP, DSPM‑derived enrichment, and AI proxy controls.
• Translate data classification and protection requirements into enforceable, testable control logic that operations teams can run consistently.
• Establish and maintain a clear definition of done for content releases, including documented intent, testing evidence, rollout plans, and rollback procedures.
• Engineer and tune sensitivity labels, auto‑labeling policies, and inheritance logic across Microsoft 365 workloads (Exchange, SharePoint, OneDrive, Teams) and other supported platforms.
• Ensure consistent taxonomy implementation and alignment between labeling, DLP enforcement, encryption, and access controls.
• Continuously refine classifiers and labeling logic as new data types and usage patterns emerge.
• Analyze alert telemetry, investigation outcomes, and business feedback to improve signal quality.
• Reduce false positives and alert noise through rule tuning, threshold adjustments, and contextual logic.
• Partner with Data Protection Operations to close detection gaps and improve mean time to resolution.
• Build and maintain content across integrated platforms, including: Microsoft Purview (DLP, Data Security Posture Management, Information Protection), Zscaler (CASB, web and cloud egress controls), and other enterprise DLP and data security tools (e.g., Symantec).
• Ensure consistent policy intent and enforcement across multiple control points.
• Apply SDLC‑style rigor to all policy and rule changes, including version control with traceable history, peer review and formal change approval, test plans and test evidence (positive, negative, regression), release notes documenting what changed, why, and impact, and rollback plans and controlled deployments.
• Produce and maintain audit‑quality control evidence, including control intent, logic rationale, and proof of operation aligned to governance and regulatory expectations.
• Maintain clear documentation for policies, classifiers, and content changes.
• Support acceptance testing, change management, and evidence needs for audits and regulatory reviews.
• Use telemetry and case outcomes to continuously improve signal‑to‑noise without weakening protection.
• Implement and sustain a structured tuning and review cycle in partnership with Operations.
• Work closely with Data Protection Operations, platform engineers, and other security stakeholders to ensure content changes are safe, understood, and operationally consumable.
• Coordinate across related control owners to maintain consistent enforcement and avoid conflicting or overlapping controls.

Benefits

• Competitive compensation, including base pay and annual incentive
• Comprehensive health and life insurance and well-being benefits, based on location
• Pension / Retirement benefits
• Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.