Lead DLP Content Development Information Security Engineer
Wells Fargo · Chandler, AZ · Yesterday
EngineeringFull-time
About the role
This role supports the designing, authoring, testing, and tuning of DLP rules that protect sensitive data across various channels. Additionally, this role will develop and maintain reporting dashboards.
Responsibilities
- Support the designing, authoring, testing, and tuning of DLP rules that protect sensitive data across email, endpoints, web, and SaaS/collaboration channels.
- Support development & maintenance of reporting dashboards.
- Leverage existing platforms (data lake, Splunk, etc.) to generate insights.
- Engage and influence stakeholders within ICS and partners on net new or material changes to reporting.
- Conduct technical investigations of security events and incidents, including post-incident analysis and digital forensics, to identify root causes and recommend long-term mitigation strategies.
- Manage DLP policy-as-code artifacts using version control, peer review, and change-management processes, maintaining traceability from requirement to implementation.
- Support audits and regulatory exams by preparing evidence, maintaining documentation, and supporting quarterly and annual reviews.
- Collaborate cross-functionally with Information Protection, Risk, Legal, Messaging & Collaboration, Endpoint, and Cloud teams to safely deploy and evolve controls.
Requirements
- 5+ years of Engineering experience, or equivalent demonstrated through work experience, training, military service, or education.
- 3+ years of Information Security Metrics and Reporting background.
- Scripting and query proficiency (Powershell, SQL, and/or Python).
- Experience leading development of reporting and dashboards in Tableau and PowerBI.
- Experience in information protection, DLP engineering, or security content development.
- Familiarity with modern collaboration and productivity platforms, including Microsoft 365 (Exchange, SharePoint, OneDrive, Teams) and/or Google Workspace.
- Experience in Technical Storytelling: Ability to learn, understand, and present modules to users.
- Knowledge of endpoint DLP, CASB/SSE, secure web gateways, email security, OCR, and document fingerprinting technologies.
- Experience in exception governance and release-code processes, balancing risk exposure, business needs, and user experience.
- Relevant certifications such as: SC-400 or SC-100, CISSP, CCSP, GIAC.
Qualifications
- 5+ years of experience in information protection, DLP engineering, or security content development.
- Hands-on experience authoring and managing policies on one or more enterprise DLP platforms, such as Microsoft Purview, Broadcom (Symantec) DLP, Forcepoint, Proofpoint, Zscaler, or equivalent technologies.
- Familiarity with modern collaboration and productivity platforms, including Microsoft 365 (Exchange, SharePoint, OneDrive, Teams) and/or Google Workspace.
- Excellent written communication and documentation skills, with the ability to communicate effectively to both technical and non-technical audiences.
- Experience in Technical Storytelling: Ability to learn, understand, and present modules to users.
- Knowledge of endpoint DLP, CASB/SSE, secure web gateways, email security, OCR, and document fingerprinting technologies.
- Experience in financial services or other highly regulated industries, with familiarity with NIST 800-53 / 800-171, ISO/IEC 27001, data privacy and protection requirements.
- Relevant certifications such as: SC-400 or SC-100, CISSP, CCSP, GIAC.