Data Protection Engineer (Journeyman)

Kentro•Tampa, FL

6d•Onsite

About The Position

Thank you for considering IT Concepts dba Kentro, where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers' missions, fostering professional growth, and making a positive impact on our communities. By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones. Kentro is seeking a hands-on and technically proficient Data Protection Engineer to join the Network Execution Team supporting a critical Zero Trust initiative at U.S. Special Operations Command (USSOCOM). This role is essential for the tactical implementation of data-centric security controls across the Command's hybrid environment, ranging from commercial cloud capabilities on NIPR to the rigid, disconnected constraints of the SIPR and Top-Secret networks. As a Data Protection Engineer, you will be the primary "hands-on-keyboard" implementer responsible for configuring, deploying, and tuning the encryption and labeling technologies that protect the Command's most sensitive data. You will translate the high-level architecture defined by the Chief Architect into concrete, enforceable policies within Microsoft Purview (for NIPR) and enterprise DRM platforms like Virtru or Kiteworks (for SIPR/Top Secret). You will move the Command from a passive "audit" posture to an active "block" posture, ensuring that data is encrypted and persistent protection travels with the file, regardless of where it is stored or transferred.

Requirements

Microsoft Purview Expertise: Significant (3+ years) hands-on experience configuring Microsoft Information Protection (MIP), Sensitivity Labels, and DLP policies in a large enterprise or DoD environment.
DRM/Encryption Experience: Proven experience implementing and managing enterprise encryption and Rights Management tools such as Virtru , Kiteworks , or Seclore , particularly in on-premise or hybrid configurations.
Data Classification: Strong understanding of data classification methodologies, including the creation of custom sensitive info types (SITs) using Regex and Exact Data Match (EDM).
Technical Troubleshooting: Ability to diagnose and resolve complex issues related to encryption key management, policy propagation, and agent conflicts.
Education: BA/BS or MA/MS in a relevant field
Years Exp: 3-10 years of relevant experience
Clearance Requirement: Active Top-Secret clearance with SCI eligibility.

Responsibilities

Microsoft Purview Implementation (NIPR): Configure and deploy Sensitivity Labels, Auto-labeling policies, and Data Loss Prevention (DLP) rules within the Microsoft 365 E5 suite to classify and protect CUI and PII in SharePoint, OneDrive, and Exchange.
DRM & Encryption Configuration (SIPR/Top Secret): Implement and manage enterprise Digital Rights Management (DRM) solutions (specifically Virtru or Kiteworks) to enforce encryption-at-rest and attribute-based access control on classified networks.
Policy Tuning & Enforcement: Oversee the phased transition of security policies from "Monitoring" mode to "Blocking" mode, analyzing false positives and tuning classifiers (Regex, Keyword Dictionaries, Trainable Classifiers) to minimize mission disruption.
Endpoint Protection: Collaborate with the Trellix engineering team to ensure that data tags applied by Purview/DRM tools are correctly recognized and enforced by endpoint DLP agents on workstations.
Cross-Domain Support: Assist in the manual "sneaker-net" transfer of policy updates and classification patterns to the air-gapped Top Secret environment, ensuring configuration consistency across all networks.

Benefits

We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more.
We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development.
Reimbursement amounts may fluctuate due to IRS limitations.
We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking.
We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.
We work hard; we play hard.
Kentro is committed to incorporating fun into every day.
We dedicate funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations.
In alignment with our commitment to our communities, we also host and attend charity galas/events.
We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.