Information Security Engineer - Data Protection & Insider Risk

About The Position

Requirements

• 5+ years of experience in information security, with direct focus on data protection, insider risk, or identity governance;
• Hands-on experience with one or more DLP and data classification platforms (e.g., Microsoft Purview, Symantec, Forcepoint, Netskope, etc.);
• Experience managing identity and access governance solutions (e.g., Microsoft Entra ID Governance, SailPoint, Saviynt, Okta IGA);
• Strong understanding of data classification schemes, sensitive data types, and data handling controls;
• Experience investigating security alerts and incidents involving user behavior and data misuse;
• Familiarity with endpoint, cloud, and SaaS security architectures;
• Strong documentation, communication, and cross-functional collaboration skills; and
• Ability to work additional hours as needed.

Nice To Haves

• Experience with Microsoft security ecosystem (Purview, Defender for Endpoint, Defender for Cloud Apps, Entra ID, Sentinel);
• Experience with User and Entity Behavior Analytics (UEBA) or insider risk platforms;
• Knowledge of privacy-by-design principles and employee monitoring considerations;
• Scripting or automation experience (PowerShell, Python, KQL, etc.);
• Security certifications such as CISSP, CISM, CCSP, GIAC, or vendor-specific certifications;
• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related technical field.

Responsibilities

• Designs, implements, and operates Data Loss/Leakage Prevention (DLP) controls across endpoints, email, cloud services, and SaaS platforms;
• Leads and maintains data identification, classification, and labeling strategies for structured and unstructured data;
• Monitors, investigates, and responds to data exfiltration and misuse events, including both accidental and malicious activity;
• Tunes detection policies to reduce false positives while maintaining effective risk coverage.
• Operates and enhances insider risk detection and response programs, including behavioral analytics and user activity monitoring;
• Partners with IT/IS management on insider risk investigations, ensuring appropriate governance and privacy controls;
• Develops workflows for escalation, evidence handling, and remediation of insider risk incidents.
• Manages and optimizes identity and access governance (IAG) platforms, including access reviews, entitlement management, and lifecycle automation;
• Supports least-privilege access models, role-based access control (RBAC), and segregation of duties (SoD) initiatives;
• Integrates identity signals with data protection and insider risk tooling to enable contextual, risk-based controls.
• Serves as a subject matter expert for security platforms related to DLP, insider risk, data classification, and identity governance;
• Evaluates, onboards, and operationalizes new security tools and features;
• Creates and maintains runbooks, procedures, dashboards, and metrics to demonstrate program effectiveness.
• Supports regulatory and compliance requirements related to data protection and access control (e.g., SOX, HIPAA, GDPR, CCPA, etc., as applicable);
• Provides guidance to IT and business teams on secure data handling and access practices;
• Contributes to security awareness efforts related to data handling, insider risk, and acceptable use.
• Implements and operates security controls for Microsoft Copilot for M365 using Purview, Defender, and Entra ID to enforce access boundaries and reduce data exposure;
• Configures DLP, sensitivity labels, permissions, logging, and alerting to ensure AI-assisted access aligns with data classification and authorization models;
• Investigates and responds to data exposure or misuse involving Copilot or other AI-enabled workflows, and support secure onboarding of additional AI/LLM tools; and
• Performs additional duties as assigned.

Benefits

• paid time off
• medical
• dental
• vision care
• 401(k)
• substantial health club discounts