Security Engineer - Data Protection
Lockton · Kansas City, MO · 2 wk ago
Information TechnologyFull-time
Your Responsibilities
- Design, implement, and manage a comprehensive data protection strategy utilizing the Microsoft Purview governance and compliance portal.
- Deploy and configure Microsoft Purview solutions, including Data Loss Prevention (DLP), Microsoft Information Protection (MIP) for data classification and sensitivity labeling, Insider Risk Management, and eDiscovery.
- Create, tune, and monitor robust Data Loss Prevention (DLP) policies for endpoints, email, Microsoft Teams, and cloud applications to prevent data exfiltration.
- Collaborate with business, legal, and compliance teams to translate data protection requirements into technical policies and controls.
- Manage the configuration and lifecycle of sensitivity labels to ensure proper encryption, access control, and visual markings are applied to documents and emails.
- Serve as the subject matter expert for data-related security incidents, using Purview tools for investigation, forensics, and response.
- Maintain an overview of the effectiveness of data protection controls and provide regular reporting on compliance, risk posture, and policy enforcement to leadership.
- Stay current with the latest advancements and threats in the data protection landscape and the evolution of the Microsoft Purview platform.
- Coach and mentor other security and technology team members on data protection best practices.
- Participate in the security team's on-call rotation and be available to respond to critical data security incidents outside of regular business hours.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
- Professional certification in Microsoft security, such as SC-400: Microsoft Information Protection Administrator, is strongly preferred. AZ-500 or other relevant certifications are a plus.
- Minimum of 5 years of experience in information security, with at least 3 years focused specifically on data protection, data governance, or information lifecycle management.
- Deep, hands-on experience with the Microsoft Purview suite (formerly Microsoft 365 Compliance Center), including DLP, MIP/AIP, Data Classification, and Insider Risk Management.
- Strong experience with the Microsoft Azure ecosystem and securing data within Azure services (Azure Storage, Azure SQL, etc.).
- Proficiency with scripting languages, particularly PowerShell, for automating security and compliance tasks.
- Strong understanding of data privacy regulations and compliance frameworks (e.g., GDPR, CCPA, HIPAA, ISO 27001).
- Excellent analytical and problem-solving skills with the ability to manage security incidents under pressure.
- Exceptional communication and collaboration skills, with the ability to effectively communicate complex technical concepts to both technical and non-technical audiences.