Information Security Senior Engineer

About The Position

Requirements

• Bachelor's or Master's degree in Computer Science, Information Security, or related field
• 7–10+ years of experience in data protection or security engineering
• Hands-on experience with: CASB (inline and API modes), DSPM, eDLP, Exact Data Match (EDM), Indexed Document Matching (IDM)
• Strong understanding of: Data classification and content inspection, Data exfiltration vectors and prevention techniques, SaaS and cloud data security risks
• Experience implementing Zero Trust data protection strategies
• Strong scripting/programming skills (Python preferred)
• Experience with: REST APIs and security integrations, SIEM/SOAR platforms, Cloud environments (AWS, Azure, GCP)
• Understanding of identity, access control, and conditional access models

Nice To Haves

• Deeply hands-on with data protection technologies
• Take a data-first approach to security, focusing on measurable risk reduction
• Demonstrate strong analytical and tuning expertise, especially with EDM/IDM
• Be proactive, curious, and continuously improving data protection coverage and accuracy
• Thrive in a fast-paced, diverse, and constantly evolving environment

Responsibilities

• Implement and optimize DSPM to continuously discover and classify sensitive data across: SaaS applications, Cloud storage and object stores, Unstructured data repositories
• Analyze data security posture, identifying: Overshared or publicly exposed data, Sensitive data sprawl, Misconfigured access controls
• Drive risk-based remediation workflows in partnership with data owners and application teams
• Establish continuous monitoring of data exposure and compliance posture
• Design and deploy eDLP policies to inspect and control data in motion across web and cloud channels
• Implement advanced detection techniques, including: Exact Data Match (EDM) for structured sensitive data (e.g., PII, PCI, financial datasets), Indexed Document Matching (IDM) for unstructured documents and intellectual property protection, Regex, keyword, and contextual data classification rules
• Build, tune, and maintain EDM data sets and IDM fingerprinting repositories to protect critical business data
• Configure real-time enforcement actions: Block, quarantine, alert, or coach users
• Continuously optimize detection accuracy by reducing false positives/false negatives
• Enforce secure data transfer policies across: Web uploads and downloads, SaaS file sharing and collaboration tools, Third-party and external data exchanges
• Implement safeguards against: Unauthorized data exfiltration, Risky upload behavior, Unapproved sharing channels
• Support business collaboration requirements while ensuring strong data protection controls
• Design and implement CASB controls (inline and API-based) to secure SaaS platforms such as M365, Google Workspace, and Salesforce
• Enforce granular access and session controls, including: Inline transaction control (upload/download restrictions), Session-based enforcement (block, coach, isolate, redact), Adaptive policies based on user, device, and risk context
• Identify and mitigate risks related to: Shadow IT, OAuth app abuse, SaaS misconfigurations and oversharing
• Align CASB policies with Zero Trust principles and least-privilege access models.
• Develop automation using Python and APIs to: Manage policies programmatically, Automate lifecycle management of EDM/IDM datasets, Trigger remediation workflows based on DSPM findings
• Integrate with SIEM/SOAR platforms for centralized monitoring and response
• Build tooling to enhance visibility, reporting, and operational efficiency
• Review and tune DLP and CASB alerts, focusing on data exfiltration and misuse.
• Define and track key data protection metrics, including: Sensitive data exposure trends, Policy enforcement effectiveness, Data exfiltration attempts
• Conduct data risk assessments and continuous control validation
• Tune and refine policies to maintain high efficacy and low business disruption

Benefits

• Employee Assistance Program
• Health insurance
• Life insurance
• Disability insurance
• Voluntary plans
• Retirement plan
• Paid Time Off (PTO)
• Paid Holidays