Jobs · Information Technology · California

Network Data Loss Prevention (DLP) Administrator

CHAOS Industries · El Segundo, CA · 4 wk ago
On-siteInformation TechnologyFull-time

Role Overview

The Network Data Loss Prevention (DLP) Administrator is a hands-on technical role within the Cybersecurity Division, responsible for designing, implementing, and maintaining DLP policies across classified and unclassified network environments. This role ensures that critical information never leaves the intended systems.

Responsibilities

  • Administer, configure, and tune enterprise DLP solutions to detect and prevent unauthorized transmission of sensitive data.
  • Develop, implement, and maintain DLP policies governing CUI, classified information, PII, proprietary data, and export-controlled technical data (ITAR/EAR).
  • Monitor DLP alerts and dashboards continuously; triage, investigate, and escalate incidents according to established procedures; document findings and remediation actions to closure.
  • Collaborate with ISSMs, ISSOs, and network security engineers to ensure DLP policies align with system authorization boundaries, classification requirements, and data handling SOPs.
  • Conduct regular DLP policy reviews and effectiveness assessments; analyze false positive/negative rates and recommend tuning actions to maintain operational accuracy without degrading mission capability.
  • Support incident response activities involving suspected data exfiltration or policy violations; preserve evidence, prepare incident reports, and coordinate with program security and legal teams as required.
  • Maintain DLP system health including software updates, licensing, log integration with SIEM, and coordination with IT infrastructure teams for network-layer inspection (proxy, SSL inspection, mail gateway).
  • Develop and deliver user awareness content and security reminders related to data handling policies; support periodic training on CUI, PII, and proprietary data protection requirements.
  • Produce recurring metrics, trend reports, and executive-level summaries of DLP program performance; support annual self-inspections and government audit activities.
  • Travel up to 10% CONUS to support program site DLP implementations, security reviews, and government customer engagements.

Minimum Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent combination of education and experience considered.
  • 5–8 years of experience in cybersecurity, network security, or information assurance, with a minimum of 2–3 years of hands-on DLP administration or data protection engineering experience.
  • Demonstrated experience configuring, tuning, and managing an enterprise DLP platform (Forcepoint, Symantec DLP, Microsoft Purview, Trellix, or equivalent) in a production environment.
  • Working knowledge of data classification frameworks, CUI categories, PII handling requirements, and ITAR/EAR export control regulations as they apply to network data flows.
  • Familiarity with network security architecture including proxies, mail gateways, SSL/TLS inspection, and network packet capture/analysis tools (Wireshark, tcpdump, or equivalent).
  • Experience with SIEM platforms (Splunk, ArcSight, or equivalent) for DLP log integration, correlation rule development, and alert triage.
  • Active Secret clearance required at time of hire. TS/SCI eligibility preferred.

Preferred Requirements

  • Active TS.
  • Experience administering DLP in a DoD, IC, or classified environment with multi-domain/cross-domain network architectures.
  • Knowledge of CMMC, NIST SP 800.171/172, NIST SP 800-53 data protection controls (AC, AU, SI control families) and their application to DLP policy development.
  • Familiarity with Microsoft Purview compliance center, insider threat detection capabilities, and cloud-based DLP for M365 GCC High environments.
  • Experience with User and Entity Behavior Analytics (UEBA) platforms or insider threat tooling (Veriato, ObserveIT, or similar) in support of DLP investigations.
  • Relevant certifications: Security+, CISSP, CISM, Certified Data Privacy Solutions Engineer (CDPSE), or vendor DLP certification.

Similar jobs