Key skills
PythonPowerShellLeadershipCommunication
About this role
AFL is a leading manufacturer of fiber optic cable and connectivity solutions, and they are seeking a Data Security Engineer to join their corporate IT Security team. This role is responsible for implementing and operating data security platforms, collaborating with various stakeholders to enhance the data security program and reduce data risk across the organization.
Responsibilities:
- Administer and optimize the DSPM platform (Cyera); drive data discovery, classification, and risk prioritization across cloud and on-premises environments
- Administer and operate the DLP platform (Proofpoint); create, tune, and maintain policies to prevent unauthorized data movement
- Investigate and respond to DLP incidents; work with information owners and business stakeholders to resolve and remediate
- Collaborate with Security Analysts to correlate data security findings with broader security investigations and incidents
- Design and implement a data classification schema and labeling program
- Define and maintain data security policies and procedures
- Build metrics and reporting to communicate program health and risk reduction to leadership
- Partner with legal, compliance, and IT teams to align data security controls with business requirements
- Support audits and regulatory requirements related to data protection
- Contribute to disaster recovery planning and exercises with technology teams
Requirements:
- Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Systems, or related field or equivalent experience
- 4+ years in an information security role with a focus on data security, data protection, or DLP
- Hands-on experience with a DSPM platform (Cyera, Sentra, Varonis, BigID, or similar)
- Hands-on experience with an enterprise DLP platform (Proofpoint, Symantec, Forcepoint, Microsoft Purview, or similar)
- Experience designing or implementing a data classification framework
- Strong written and verbal communication skills
- Ability to translate technical risk into clear business language
- Experience with Microsoft Purview Information Protection and sensitivity labeling
- Familiarity with regulatory frameworks such as GDPR, CCPA, HIPAA, or PCI-DSS
- Experience standing up or maturing a data security program from early stages
- Basic scripting ability (Python, PowerShell, or similar) for data analysis and automation