Lead Engineer, Data Protection
Caesars Entertainment · Las Vegas, NV · 3 wk ago
HybridEngineeringFull-time
Responsibilities
- Data Protection Platform Operations: Configure, administer, and optimize data protection and DLP platform(s); Support integration of data protection platforms with SIEM and other security tools
- Microsoft 365 Security Controls: Partner with M365 platform owners to implement and maintain controls to prevent inappropriate data exposure; Assist in validating and tuning existing protection configurations
- Data Discovery & Classification: Implement and support scanning processes to identify and classify sensitive data across enterprise repositories (e.g., network shares, SharePoint, Confluence); Provide feedback on data classification effectiveness and coverage
- Data Incident Support: Partner with Security Operations to support correlation rules, alert tuning, and response processes; Assist in triaging and resolving data-related incidents
- Data Protection Controls Implementation: Implement and optimize data protection controls based on defined architecture and standards; Provide input and feedback into control design and effectiveness
- Endpoint & Network Data Protection: Implement endpoint controls related to data movement (USB, printing, etc.); Support network data protection use cases in partnership with network security teams
- Process Improvement: Identify opportunities to improve operational efficiency, automation, and coverage; Contribute to maintaining policies, procedures, and standards
- Reporting & Metrics: Support development and reporting of KPIs and data protection metrics; Assist in generating reports for management on program effectiveness
- Compliance & Audit Support: Support activities required for compliance with frameworks (PCI DSS, HIPAA, NIST, etc.); Assist with audit evidence collection and remediation tracking
- Collaboration & Communication: Collaborate across cybersecurity, IT, and business teams to implement solutions; Communicate findings and recommendations clearly to both technical and non-technical stakeholders
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field
- 6-8 years of experience in enterprise technology, with progressively increasing responsibilities
- 3-5+ years of experience implementing and managing data protection, DLP, and related technologies in support of a cybersecurity program
- Experience supporting data protection and DLP functions in an enterprise environment
- Deep understanding of encryption, tokenization, masking, and similar data protection techniques and data classification and discovery tools
- Advanced knowledge of DLP and data protection platforms, including the full product lifecycle from requirement gathering to implementation and continuous optimization
- Extensive understanding of Microsoft 365 and how to mitigate data risks in the M365 ecosystem
- Able to work effectively and efficiently toward detailed goals in a complex environment with fluid priorities
- Strong Analytical, problem-solving, and project management skills
- Excellent communication, interpersonal, and presentation skills