Senior Cloud Data Security Engineer

About The Position

Requirements

• 5+ years of experience implementing and supporting cloud security solutions in large enterprise environments, with a strong focus on DLP.
• 5+ years of hands‑on experience with enterprise DLP platforms such as Microsoft Purview, Zscaler, and Palo Alto.
• 5+ years of experience designing and enforcing DLP policies across cloud, endpoint, email, and network channels.
• 5+ years of experience in at least two of the following cloud platforms: AWS, Azure, GCP, including data protection implementations.
• 5+ years of experience with Zero Trust, CASB, CSPM, and Conditional Access frameworks.
• Bachelor’s degree from accredited university or equivalent work experience (HS diploma + 4 years relevant experience).

Nice To Haves

• 3+ years of experience using Regex for DLP policies and leveraging tools such as Splunk, Chronicle, or Power BI for analytics.
• 3+ years of experience with network security, email security, and firewall technologies related to data exfiltration prevention.
• 3+ years of experience securing AI/ML platforms, including exposure to LLMs, generative AI, and MLOps, with a data protection focus.
• Proven experience leading DLP and data protection engineering initiatives in collaboration with cross‑functional teams.
• Ability to provide off‑hours and weekend support on short notice when required.

Responsibilities

• Design, implement, and mature enterprise DLP policies and controls across cloud, endpoint, email, and network channels.
• Support the full DLP program lifecycle, including strategy, policy development, rule tuning, and continuous improvement.
• Lead data classification and labeling initiatives to ensure consistent governance of PII, PHI, PCI, and proprietary data.
• Monitor, investigate, and respond to data leakage incidents; manage cases, perform root cause analysis, and drive remediation to closure.
• Develop dashboards, metrics, and reporting to communicate DLP effectiveness, risk posture, and trends to leadership.
• Automate DLP enforcement, incident triage, and response workflows to improve accuracy and reduce manual effort.
• Extend DLP capabilities to cloud‑native and hybrid environments, leveraging CASB, CNAPP, CSPM, SASE, and Zero Trust architectures.
• Lead shadow AI discovery and enforce DLP controls across sanctioned and unsanctioned AI services.
• Design and implement data protection controls for AI/ML workloads, pipelines, model training, and outputs.
• Enforce secure data handling for generative AI, LLMs, and MLOps platforms to prevent improper ingestion, exposure, or transmission of sensitive data.
• Partner with business and technology leaders to define DLP strategy, roadmaps, and priorities aligned to regulatory and risk requirements.
• Align DLP controls with industry frameworks such as NIST, CIS, CSA, and MITRE ATLAS.
• Serve as a subject matter expert on data protection for initiatives including cloud migrations, AI platform deployments, and M&A activities.
• Collaborate with infrastructure, operations, data science, and application teams to embed DLP into architecture and operational processes.
• Drive a low‑friction, user‑centric security experience while maintaining strong data protection outcomes.
• Act as the organizational authority on DLP, cloud data security, and AI/ML data protection best practices.

Benefits

• medical
• dental
• vision coverage
• paid time off
• retirement savings options
• wellness programs