Lead the design, implementation, and optimization of enterprise Data Protection and Data Loss Prevention (DLP) solutions.
Develop and execute strategies to protect sensitive data across cloud and on-premises environments, consistent with Zero Trust architecture principles.
Recommend new features and improvements to enhance the customer’s posture on data protection, data loss prevention, and data valuation.
Collaborate with Infrastructure & Operations teams to integrate data protection capabilities within broader enterprise technology ecosystems.
Partner with the Office of the Chief Information Security Officer (OCISO) to establish frameworks, standards, and operational processes for data valuation and data classification.
Drive the creation of policies, workflows, and governance models that ensure data is adequately protected based on business value and regulatory requirements.
Serve as a subject-matter expert to federal clients on data management, data protection, and secure data handling best practices.
Provide technical leadership on enterprise data initiatives, including architecture reviews, risk assessments, and roadmap development.
Support continuous improvement by evaluating new tools, emerging technologies, and evolving compliance requirements within the data protection space.
Lead the development and implementation of enterprise data categorization and classification frameworks in support of the CDO’s Zero Trust Data Pillar, ensuring accurate identification and protection of high-value and sensitive data assets.
Design and mature data valuation models that account for data sensitivity, business criticality, lifecycle state, and usage context, enabling risk-informed decision-making and the prioritization of protection controls.
Recommend and drive enhancements to enterprise document labeling and handling processes, ensuring alignment with data classification policies, regulatory requirements, and DLP/Zero Trust enforcement mechanisms.
Translate complex data architectures, security concepts, and governance models into clear, actionable insights for mixed technical and non-technical audiences to drive adoption of enterprise data governance and protection practices.
Develop, document, and maintain data health metrics, standardized data definitions, and data governance SOPs, ensuring consistency, transparency, and operational rigor across data protection and management functions.
Requirements
Minimum of 10 years of progressive experience in data architecture, data engineering, data analysis, data migration, or related enterprise data disciplines.
Demonstrated expertise in Data Loss Prevention (DLP) methodologies, tools, and operational best practices across hybrid environments, including cloud and on-prem systems.
Experience designing or implementing data valuation frameworks, including assessing data sensitivity, usage patterns, and business value across the enterprise.
Proven ability to collaborate with subject matter experts, technical teams, and business stakeholders to identify, define, document, and communicate complex data requirements, including those related to data protection, data quality, and data migration.
Hands-on experience working within Agile environments, including participation in ceremonies, backlog refinement, and iterative solution delivery.
Strong analytical, documentation, and communication skills, with the ability to translate data protection concepts into actionable guidance for various audiences.
Professional certifications in data management or data security disciplines, such as DCAM, CDMP, CIPP, CIPM, CISM, or equivalent credentials that demonstrate advanced expertise in data governance, protection, and lifecycle management.
Hands-on experience with enterprise Data Loss Prevention (DLP) platforms, including Microsoft Purview Information Protection, with the ability to design policies, integrate labeling/classification, and operationalize DLP workflows.
Practical experience implementing the Data Pillar of Zero Trust Architecture, including data-centric controls, tagging, segmentation, encryption strategies, and continuous monitoring of data access and usage behaviors.
Proficiency with major cloud computing platforms such as AWS or Azure, including experience leveraging native data protection capabilities (e.g., KMS, IAM, Purview, Defender for Cloud, S3 security controls, or equivalent).