Jobs · Engineering · Florida

Senior Data Protection Engineer (USSOCOM-Zero Trust, Azure Security & Network DLP)

Kentro · Tampa, FL · 1 wk ago
EngineeringFull-time

About the role

The Senior Data Protection Engineer will serve as a key member of the USSOCOM Enterprise Zero Trust Data Team, responsible for designing, implementing, and maintaining data-centric security capabilities across classified and unclassified environments.

Responsibilities

  • Azure Security & XDR: Serve as a Microsoft Azure security expert, spearheading the design, deployment, and tuning of Microsoft Purview and Microsoft Defender XDR across hybrid enterprise environments.
  • Defender Suite & Access: Architect and enforce continuous compliance using the Microsoft Defender suite. Leverage deep expertise in Microsoft Purview, Defender for Cloud Apps, Entra ID, and Microsoft Conditional Access to control resource access based on identity and risk.
  • Trellix DLP Enforcement: Design, engineer, and rigorously enforce Trellix Full Data Loss Prevention (DLP) policies across the enterprise to prevent the unauthorized disclosure of controlled and classified information.
  • Network Data Security: Act as a specialized Network Data Security Engineer. Deploy and manage Trellix Network Prevent and Monitor services to oversee data flows, inspect traffic, and actively block unauthorized exfiltration attempts in real-time.
  • Datacenter Security: Engineer, implement, and monitor robust network security controls and encryption protocols governing all data traffic moving to and from on-premises datacenters and hybrid cloud environments.
  • Zero Trust Architecture: Design and implement data-centric security architectures aligned with DoD and USSOCOM Zero Trust initiatives (NIST SP 800-207).
  • Identity & ABAC Integration: Integrate data security controls with Identity, Credential, and Access Management (ICAM) systems and support the implementation of Attribute-Based Access Control (ABAC) and policy-driven access models.
  • Compliance & cATO: Support Continuous Authorization to Operate (cATO) initiatives through automated security validation, compliance monitoring, and risk assessments of enterprise data repositories.

Qualifications

  • Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related field. Additional years of relevant experience may be substituted for formal education requirements when permitted by contract guidelines.
  • Experience: 10+ years of experience in cybersecurity, information assurance, or data security engineering. 5+ years supporting DoD, Intelligence Community, or Federal Government cybersecurity initiatives.
  • Technical Skills: Data Loss Prevention (DLP), Data Discovery and Classification, Encryption and Key Management, Cloud Security Architecture, Security Automation and Orchestration, Scripting and automation using PowerShell, Python, or similar technologies, Security Framework Knowledge: DoD Zero Trust Reference Architecture, NIST SP 800-207, Zero Trust Architecture, NIST Risk Management Framework (RMF), NIST 800-53 Security Controls, DoD Cybersecurity Policies and Directives, Controlled Unclassified Information (CUI).
  • Required Certifications: Must possess one of the following DoD 8570/8140 IAT Level III certifications: CISSP, CASP+, CCSP, CISM.

Benefits

  • Paid time off
  • Healthcare benefits
  • Supplemental benefits
  • 401k including an employer match
  • Discount perks, rewards

Pay

Competitive compensation package.

Schedule

Hybrid schedule in Tampa, Florida.

Similar jobs