Agile DefenseRemote
Data Loss Prevention Security Engineer
United States
Full-time
1 week ago
$130,000 - $142,000 USD
H1B Sponsor Likely
Key skills
Microsoft Purview Information ProtectionData Loss Prevention (DLP)Compliance frameworks knowledgeMicrosoft 365 E5 SecurityKQL queriesIncident response workflowsSensitivity label configurationAutomated DLP alert handlingZScalerQualysProactive self-starterAzureAzure ADEntra IDJiraConfluenceAgileChange Management
About this role
Agile Defense is committed to innovative solutions for national security and critical civilian missions. The Data Loss Prevention (DLP) Security Engineer is responsible for designing, implementing, and managing enterprise data protection solutions to ensure sensitive information is classified and protected throughout its lifecycle.
Responsibilities:
- Implement, and maintain Microsoft Purview, DLP, Information Protection, and compliance policies, plans, and procedures
- Develop and tune DLP rules for endpoints to manage the flow of data between approved boundaries
- Manage and optimize sensitivity labels, mandatory encryption, and content marking across Microsoft 365 and supported third-party integrations within our operating environment
- Collaborate with IT and department teams to align DLP policy coverage with regulatory and contractual data handling requirements (e.g., CUI, FCI)
- Investigate and respond to DLP incidents, working with Defender XDR and Sentinel to correlate events and generate actionable insights
- Maintain DLP dashboards and reporting to track violations, policy effectiveness, and user behavior trends
- Serve as the technical liaison for enterprise data protection initiatives involving Purview, Zscaler, Qualys, and related security tools
- Support periodic policy reviews, risk assessments, and audits, ensuring continuous compliance and alignment with security architecture standards
- Document DLP processes, SOPs, and configuration baselines in accordance with company change management practices (Jira/Confluence)
- Provide technical guidance and training to administrators and end-users on data handling best practices
Requirements:
- At least one of the following or related certifications: Microsoft Certified Information Protection Administrator Associate (SC-400), Microsoft Certified Cybersecurity Architect Expert (SC-100)
- Bachelor's degree in Cybersecurity, Information Systems, or related field (or equivalent experience)
- 5+ years of experience in information security, with at least 2+ years focused on data protection and DLP engineering
- Hands-on expertise in Microsoft Purview Information Protection/DLP, Microsoft 365 E5 Security, Defender for Endpoint, Intune app protection, and Entra ID (Azure AD)
- Actionable knowledge of data classification standards and compliance frameworks (NIST 800-171, CMMC, ISO 27001, HIPAA)
- Strong understanding of DLP rule logic, sensitivity label configuration, and incident response workflows
- Experience with KQL queries, Microsoft Sentinel, and automated DLP alert handling through SOAR or ticketing tools (e.g., Jira)
- Must be a proactive self-starter with ability to effectively manage timelines for delivery and execution
- Familiarity with ZScaler and Qualys a plus