Role Summary
We are looking for a highly technical and analytical Senior Data Protection Engineer to serve as the subject matter expert for our DLP and DAM platforms. You will be responsible for the end-to-end management of these systems, from strategy and deployment to monitoring, tuning, and incident response. Your work will directly protect our and our customers' most valuable data assets from internal and external threats, ensuring compliance with regulations.
This is a hands-on role that requires deep technical knowledge of data security tools, an understanding of data flows, and a proactive approach to threat mitigation.
Key Responsibilities
DLP (Data Loss Prevention) Engineering:
- Serve as the primary owner and administrator for the enterprise DLP platform (Trellix). This includes, but is not limited to, health checks, updates, and capacity and availability management.
- Architect, deploy, and maintain DLP agents and policies across endpoints, network, and cloud (SaaS, IaaS) channels.
- Perform data flow analysis (DFA) and develop and fine-tune DLP policies to accurately detect and prevent the exfiltration of sensitive data (e.g., PII, PCI, PHI, Intellectual Property) while minimizing false positives.
- Investigate and respond to DLP alerts, leading the incident response process for potential data exfiltration events.
- Integrate DLP with other security systems (SIEM, SOAR, Email Security) for automated ticketing and enriched investigation.
- Reporting and dashboarding, along with DLP configuration management and policy changes and reviews.
DAM (Database Activity Monitoring) Engineering:
- Manage the DAM platform (IBM Guardium), including administration and access management, and monitor, capture, and analyze all database activity in near real time.
- Deploy and maintain DAM sensors and agents across diverse database environments (e.g., Oracle, SQL Server, MySQL, AWS RDS, Azure SQL).
- Create and optimize DAM policies (e.g., for PII and financial data) to alert on suspicious activities, privileged user misuse, and potential data breaches based on the MITRE ATT&CK framework.
- Conduct forensic analysis on database events to support incident investigations and compliance audits.
- Ensure the integrity and performance of the DAM infrastructure.
- Monitoring report creation, review, and submission; configuration management; sharing audit logs during internal and external audits.
- Conduct data access reviews, anomaly detection, and database risk review reporting.
- Daily/weekly/monthly scheduled and on-demand out-of-the-box reporting.
- Interfacing with DBA team for testing and troubleshooting DAM controls
Program Management & Optimization:
- Continuously assess the effectiveness of DLP and DAM controls and recommend improvements.
- Develop and maintain detailed documentation of architectures, policies, procedures, and workflows.
- Stay current with emerging data security threats, technologies, and best practices.
- Manage the lifecycle of the DLP and DAM tools, including vendor management, licensing, and upgrade planning.
Collaboration & Compliance:
- Work closely with internal teams to ensure DLP/DAM controls meet regulatory requirements.
- Partner with IT, DevOps, and database administrators to ensure seamless deployment and minimize business disruption.
- Mentor junior analysts and serve as an escalation point for complex data security incidents.
- Generate and present metrics and reports on data protection program effectiveness to leadership.
Required education
Bachelor's Degree
Preferred education
Master's Degree
Required technical and professional expertise
Required Qualifications & Experience
- 5+ years of experience in cybersecurity, with at least 3 years of hands-on, dedicated experience managing both DLP and DAM platforms.
- Proven experience in deploying, configuring, and tuning a major enterprise DLP solution.
- Proven experience in deploying, configuring, and tuning a major DAM solution, including the management of sensors and database activity policies.
- Strong understanding of data classification frameworks and regulatory requirements.
- Good knowledge of database structures, SQL queries, and common database platforms.
- Practical understanding of network protocols (HTTP/S, SMTP, FTP) and cloud application architectures (e.g., O365, Google Workspace, AWS, Azure).
- Excellent analytical and problem-solving skills with the ability to investigate complex data security events.
Preferred technical and professional experience
Preferred Qualifications
- Direct hands-on experience with one or more of the following:
  - DLP: Trellix (McAfee) DLP.
  - DAM: IBM Guardium.
- Relevant certifications such as:
  - Vendor-specific certifications (e.g., IBM Guardium Administrator, Trellix DLP).
- Experience with scripting languages (Python, PowerShell) for automation and integration will be an added advantage.
- Familiarity with Data Security Posture Management (DSPM) concepts and tools.
- Experience working in a regulated industry (Finance) will be an added advantage.