Sr Cyber Security Engineer-Data Security

About The Position

Requirements

• Strong analytical and problem-solving skills with the ability to diagnose complex and novel scenarios.
• Ability to influence, negotiate, and drive consensus across diverse stakeholders.
• Excellent written and verbal communication skills and a high level of initiative and ownership.
• Adaptability to shifting priorities and emerging technologies, plus strong organizational skills to manage multiple projects simultaneously.
• Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, or related field or equivalent work experience.
• 7+ years of progressively responsible experience in cybersecurity, data protection, or information security engineering.
• 3+ years of hands-on experience with DLP technologies (e.g., MS Purview), endpoint/network DLP platforms (e.g. MS Defender, CrowdStrike).
• Demonstrated experience designing or operating data classification programs.
• Hands-on experience integrating data security controls with identity and endpoint security platforms.
• Experience supporting hybrid environments (on-premises and cloud).
• Knowledge of regulatory frameworks (PCI, NIST).
• Ability to operate independently and lead mid- to large-scale technical initiatives.

Nice To Haves

• Experience with Data Security Posture Mgmt. (DSPM) tools (e.g. BigID, Netskope, Varonis, Concentric AI, Securiti, Sentra, Cyera).
• Experience securing generative AI or LLM-based platforms.
• Microsoft Purview Information Protection or Security certifications.
• CISSP, CISM, CCSP, or GIAC-related cybersecurity certifications.
• Experience scripting or automating workflows (PowerShell, Python).
• Experience leading data security architecture design in large enterprises.
• Experience with Cloud Access Security Broker (CASB)/Security Service Edge (SSE) platforms and cloud security frameworks.

Responsibilities

• Data Discovery & Classification:
• Lead enterprise-wide discovery and classification of sensitive data across file shares, databases, endpoints, cloud storage, and SaaS platforms.
• Design and implement automated classification strategies using content inspection, metadata analysis, and machine‑learning techniques.
• Maintain classification schemas aligned to corporate policies and regulatory frameworks (PCI, SOX, NIST, HIPAA where applicable).
• Partner with data owners to validate classification accuracy and continuously refine detection logic and tuning.
• Data Loss Prevention (DLP):
• Architect, deploy, and manage DLP capabilities across endpoints, email, collaboration tools, cloud applications, and web traffic.
• Implement and operate Microsoft Purview DLP, including sensitivity labeling and integrations with Exchange, SharePoint, OneDrive, Teams, and endpoint enforcement.
• Evaluate and integrate additional DLP and DSPM solutions as needed.
• Develop and maintain detection rules, risk‑based policies, alerting, and dashboards to monitor data movement and potential exfiltration.
• Triage DLP events, investigate false positives, and partner with business stakeholders to balance control strength with productivity.
• AI & Emerging Data Protection:
• Define and operationalize data protection controls for generative AI and LLM‑based platforms (Copilot, chat-based tools, third‑party AI services).
• Assess risks related to AI data ingestion, training, prompting, and output handling.
• Implement safeguards to prevent sensitive data from being exposed to unauthorized AI models or external services.
• Stay current on evolving AI security threats, regulations, and industry best practices.
• Security Engineering & Architecture:
• Design resilient, scalable data protection architectures across hybrid and cloud environments.
• Integrate data security controls with identity, endpoint protection, CASB/SSE, SIEM, and other monitoring platforms.
• Contribute to enterprise security standards, patterns, and reference architectures.
• Support secure adoption of new technologies and business initiatives involving sensitive information.
• Incident Response, Monitoring & Compliance:
• Investigate data security incidents, including analysis of DLP events, forensic support, and remediation recommendations.
• Produce documentation and evidence for audits, assessments, and regulatory inquiries.
• Develop metrics and reporting on DLP effectiveness, data exposure trends, and risk reduction outcomes.
• Participate in tabletop exercises and drive continuous improvement of data security processes.

Benefits

• Inclusive culture with associate-led Business Resource Groups
• 22 days of PTO and Holiday Schedule (7 observed paid holidays + 1 floating holiday)
• Online and Retail Discounts, Company Match 401(k), Physical and Mental Health Wellness programs, and more!