First Student is a leading transportation company committed to safely transporting students and passengers. They are seeking a Data Protection & Security Engineer to own data protection capabilities and provide security engineering support across various domains, collaborating with IT, Legal, and Data teams to ensure effective security controls.
Responsibilities:
- Own enterprise data protection risk assessments, classification standards, and control effectiveness evaluations
- Identify data exposure risk across cloud, SaaS, and on-premises environments
- Contribute to vulnerability assessments and architecture reviews within the Cybersecurity function
- Design and define data protection control requirements and standards for DLP, encryption, key management, and data governance across cloud and on-premises environments
- Work with I&O and Data teams to ensure controls are implemented to Cybersecurity specifications; validate implementation outcomes
- Provide security engineering expertise across cloud infrastructure and endpoint security domains
- Monitor for data misuse, exfiltration, and policy violations
- Integrate DLP detection capabilities with SOC workflows
- Support SIEM log source expansion and alert quality improvements in coordination with the Security Operations function
- Lead Cybersecurity response activities for data exposure incidents, including investigation direction, containment guidance to I&O, remediation oversight, and lessons learned
- Develop and maintain data protection policies aligned with FERPA, CCPA, Canadian provincial privacy laws, and enterprise risk objectives
- Own the data classification framework and drive operationalization across key data stores and workflows
- Contribute to management reporting, risk acceptance documentation, and work tracking
- Provide technical oversight of cybersecurity analysts
- Review work product and deliverables for quality, accuracy, and alignment with standards
- Serve as a technical escalation point within the team for data protection and cybersecurity questions
Requirements:
- Bachelor's degree in Computer Science, Information Systems, or equivalent experience
- 7+ years of cybersecurity experience with at least 4 years in data protection, cloud security, or cybersecurity engineering
- Proficiency with Python or PowerShell for automation, reporting, and control validation
- Familiarity with NIST CSF, CIS Controls, and how to translate regulatory requirements into technical controls
- Experience working across organizational boundaries, such as defining requirements for teams that own implementation and validating outcomes without direct execution authority
- Prior experience providing technical oversight or mentorship to others
- Operates independently and takes clear ownership of outcomes
- Comfortable defining requirements and holding other teams accountable for implementation without direct control over execution
- Comfortable holding multiple technical domains simultaneously (data protection and security engineering) and prioritizing across them without daily direction
- Effective at working across organizational boundaries by communicating requirements clearly, escalating when standards are not met, and building productive working relationships
- Strong communication skills; able to translate technical data risk into terms meaningful to Legal, and management and executive stakeholders
- High integrity and ownership mindset
- Proactive approach to risk reduction
- Industry certifications such as SANS/GIAC (for example, GDSA, GDAT, or equivalent), CISSP, CISM preferred
- Hands-on experience configuring and operating DLP platforms (M365 Purview strongly preferred; CrowdStrike Falcon Data Protection preferred; equivalent experience acceptable)
- Experience implementing data classification frameworks in enterprise environments with regulated data (FERPA, COPPA, CCPA, or Canadian privacy law familiarity preferred)
- Strong understanding of AWS security services and cloud-native data protection controls (S3 bucket policies, KMS, Macie, CloudTrail)
- Security engineering experience: familiarity with SIEM log sources, endpoint security platforms (CrowdStrike Falcon preferred), and vulnerability management tooling (Rapid7 preferred)