S2i2, Inc is a growing company with a supportive and inclusive culture. They are seeking a Cybersecurity Engineer to provide engineering and operational support for their Data Loss Prevention program, focusing on the enhancement of Microsoft 365 Purview and Forcepoint DLP technologies.
Responsibilities:
- Provide engineering and operational support for the agency's enterprise Data Loss Prevention (DLP) and File Content Analysis (FCA) program
- Support the continued enhancement and sustainment of the agency's Microsoft 365 Purview implementation and the parallel deployment of Forcepoint DLP technologies for endpoint and network data protection outside the M365 environment
- Be responsible for DLP policy development, data classification and monitoring, FCA integration, incident analysis, tuning and optimization of detection capabilities, and ensuring compliance with federal cybersecurity and data protection requirements across enterprise systems and cloud environments
Requirements:
- Active Secret or Top-Secret Clearance
- 7 plus years of relevant IT experience
- Experience implementing modern security solutions in enterprise environments
- Microsoft Purview enterprise DLP deployment experience: policy authoring, sensitive information type design, DLP rule tuning across M365, OneDrive, SharePoint Online, and Teams
- Forcepoint DLP enterprise deployment experience: endpoint DLP, network DLP, fingerprinting, incident workflow
- Experience operating in M365 GCC High and/or Azure IL4+ environments
- RMF / ATO documentation experience for DLP solutions, particularly cloud-based with DoD reciprocity
- Tier 3 enterprise support experience (24x7x365 on-call rotation)
- Demonstrated record of DLP rule tuning that reduced false positive rates
- Experience with DISA STIGs as applied to DLP infrastructure
- PowerShell / Microsoft Graph API automation for DLP policy management
- One of the following: DoD 8570.01 IAT Level II baseline certification (Security+ CE, CCNA-Security, CySA+, GICSP, GSEC, SSCP, or CND)
- One of the following: CNDSP-IS certification (CEH, CFR, CCNA-Cyber Ops, CHFI, CySA+, GCIA, GCIH, or SCYBER)
- Forcepoint Certified DLP Administrator (FCDA) certification or 'DLP Administrator' certification preferred
- Microsoft SC-401 (Information Protection Administrator) certification preferred