DLP Security Engineer with Microsoft Purview

ITCI is hiring seasoned The Senior DLP (Data Loss Prevention) Security Engineer will be responsible for designing, implementing, and managing enterprise-level DLP strategies using Microsoft Purview. This role requires deep expertise in data protection, regulatory compliance, policy tuning, and incident lifecycle management. The ideal candidate will have 810 years of experience in enterprise security with a strong focus on data classification, insider threat prevention, and Microsoft 365 data protection technologies.

Key Responsibilities:

1. Design, implement, and manage DLP policies in Microsoft Purview across endpoints, email, cloud apps, and on-prem environments.
2. Lead DLP policy lifecycle management, including policy scoping, testing, deployment, and tuning based on incident trends and user behaviour.
3. Integrate DLP controls with Microsoft Defender, Sentinel, and other SIEM/SOAR platforms to ensure comprehensive incident response capabilities.
4. Implement data classification schemes and sensitivity labels, ensuring proper tagging and protection of sensitive data.
5. Monitor, investigate, and respond to DLP incidents, including false positive analysis, root cause identification, and resolution coordination with stakeholders.
6. Coordinate with legal, compliance, and business units to ensure DLP policies align with privacy laws (e.g., GDPR, HIPAA) and internal governance requirements.
7. Generate periodic DLP dashboards and reports for security leadership, audit, and compliance reviews.
8. Drive user awareness and training efforts to reduce accidental or intentional data leakage.
9. Mentor junior engineers and analysts and contribute to cross-functional security projects and reviews.
10. Participate in security governance programs, incident reviews, and risk assessments to evolve the organizations data protection strategy.

Required Skills and Experience:

• 7-10 years of experience in information security, with a minimum of 35 years in DLP and data security.
• Hands-on experience with Microsoft Purview, including Data Classification, DLP, Information Protection, and Insider Risk Management.
• Experience with Microsoft 365 compliance center, Exchange Online, SharePoint, OneDrive, Teams, and endpoint DLP policy deployment.
• Strong understanding of regulatory frameworks such as GDPR, HIPAA, SOX, and industry-specific data protection standards.
• Knowledge of data discovery and content inspection techniques, including keyword matching, regex, exact data match (EDM), and document fingerprinting.
• Proficient in incident analysis, tuning rules, and remediation workflows using Microsoft tools and SIEM platforms.
• Excellent communication, report writing, and stakeholder engagement skills.

Preferred Certifications like: 

• SC-200: Microsoft Security Operations Analyst
• SC-400: Microsoft Information Protection Administrator

• CIPP/US

  ,

  CISM

  ,

  CISSP

  , or equivalent data privacy/security certifications
• Experience with other DLP tools (e.g., Forcepoint, Symantec DLP, Digital Guardian) is a bonus