About The Position

Kentro is hiring for a Journeyman Data Protection Engineer to support USSOCOM/EDAT - Zero Trust Data. The Journeyman Data Protection Engineer supports the implementation, administration, and optimization of enterprise data protection capabilities across Microsoft and Trellix security platforms. Working under the guidance of senior engineers and architects, this role assists in securing sensitive government data, implementing Data Loss Prevention (DLP) controls, supporting Zero Trust initiatives, and maintaining compliance with DoD cybersecurity requirements.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related field. Additional years of relevant experience may substitute for education in accordance with contract requirements.
  • 3–7 years of experience in cybersecurity, information assurance, cloud security, or data protection engineering.
  • Experience supporting DoD or Federal Government environments is preferred.
  • Microsoft Purview, Microsoft Defender XDR, Microsoft Defender for Cloud Apps, Microsoft Entra ID, Trellix Data Loss Prevention (DLP), data classification, encryption technologies, cloud security fundamentals, PowerShell or Python scripting, and security monitoring.
  • Working knowledge of DoD Zero Trust Architecture, NIST SP 800-207, NIST Risk Management Framework (RMF), NIST SP 800-53, and DoD Controlled Unclassified Information (CUI) requirements.
  • Active DoD 8570/8140 IAT Level II certification (e.g., Security+ CE, CySA+, CCNA Security, or equivalent).
  • Minimum Clearance - TS/SCI
  • Must be a US Citizen

Nice To Haves

  • Experience administering Microsoft Purview and Microsoft Defender security products.
  • Familiarity with Trellix DLP administration and data protection technologies.
  • Experience supporting USSOCOM, SOF, or other DoD organizations.
  • Exposure to DevSecOps, Platform One, and Continuous ATO (cATO) concepts.
  • Experience supporting cloud migration or hybrid cloud environments.
  • Knowledge of Zero Trust principles and identity-based security models.
  • Familiarity with Cross Domain Solutions (CDS) and classified data handling.
  • Basic experience with Kusto Query Language (KQL) or Splunk Processing Language (SPL).
  • Strong analytical, troubleshooting, and communication skills with the ability to work effectively within cross-functional engineering teams.

Responsibilities

  • Support the deployment, configuration, and maintenance of Microsoft Purview and Microsoft Defender XDR solutions across cloud and hybrid enterprise environments. Assist with monitoring security alerts, investigating incidents, and implementing recommended security improvements.
  • Assist in administering Microsoft Defender security services, Microsoft Purview, Defender for Cloud Apps, Microsoft Entra ID, and Conditional Access policies to protect enterprise resources and enforce identity-based security controls.
  • Configure, maintain, and troubleshoot Trellix Data Loss Prevention (DLP) policies to protect Controlled Unclassified Information (CUI) and other sensitive government data. Support policy tuning and incident response activities.
  • Support the operation and maintenance of Trellix Network Prevent and Monitor services. Assist with monitoring network traffic, investigating potential data exfiltration events, and implementing data protection controls.
  • Assist in implementing and maintaining security controls protecting data moving between on-premises datacenters and cloud environments. Support encryption, secure communications, and network security initiatives.
  • Support the implementation of Zero Trust data protection capabilities aligned with DoD Zero Trust Architecture and NIST SP 800-207 guidance.
  • Collaborate with Identity and ICAM teams to integrate data protection controls with identity services, including Attribute-Based Access Control (ABAC) and policy-based access management.
  • Assist with Continuous Authorization to Operate (cATO) activities by supporting security assessments, compliance validation, vulnerability remediation, and continuous monitoring of enterprise data security controls.
  • Develop technical documentation, standard operating procedures, security implementation guides, and engineering documentation. Participate in troubleshooting, change management, and operational support activities

Benefits

  • paid time off
  • healthcare benefits
  • supplemental benefits
  • 401k including an employer match
  • discount perks
  • rewards
  • education reimbursement for certifications, degrees, or professional development
  • flexibility for you to take a course, complete a certification, or other professional growth and networking
  • funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations
  • host and attend charity galas/events
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service