Data Loss Prevention (DLP) & Data Privacy Engineer

Title: Data Loss Prevention (DLP) & Data Privacy Engineer

Location: Houston, Texas

Type: Contract (3 to 6 Months)

Hourly Rate: $60.00 - $70.00 / Per Hour

Summary:

The Data Loss Prevention (DLP) & Data Privacy Engineer will be a part of the Information Security team. In this mid-level role, you will be responsible for designing, implementing, and maintaining enterprise DLP solutions and data privacy frameworks to protect sensitive organizational and customer data. You will work cross-functionally with IT, Legal, Compliance, and business stakeholders to ensure data handling practices align with regulatory requirements and corporate security policies.

Duties:

• Design, deploy, configure, and tune DLP policies across endpoints, networks, email, and cloud environments (Microsoft Purview, Symantec DLP, Forcepoint, or equivalent)

• Monitor DLP alerts, investigate policy violations, and coordinate remediation with data owners and business units

• Develop and maintain DLP rule sets, data classifiers, and content inspection policies tailored to organizational risk tolerance

• Perform regular DLP policy reviews and effectiveness assessments; report metrics to security leadership

• Support the implementation and maintenance of data privacy programs aligned with GDPR, CCPA/CPRA, and other applicable regulations

• Conduct data mapping, data flow analysis, and records of processing activities (RoPA) to identify sensitive data repositories

• Assist with Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new projects and systems

• Collaborate with Legal and Compliance teams to respond to data subject access requests (DSARs) and privacy incidents

• Exposure to eDiscovery, legal hold processes, or forensic investigations involving sensitive data

• Strong analytical and problem-solving skills with the ability to interpret complex data sets and DLP telemetry

• Integrate DLP tools with SIEM platforms (Splunk, Microsoft Sentinel) and SOAR solutions for automated incident response workflows

• Configure and manage data classification solutions (Microsoft Information Protection, Varonis, or similar) to enforce sensitivity labeling

• Support cloud DLP implementations across SaaS, IaaS, and PaaS environments including Microsoft 365, Google Workspace, AWS, and Azure

• Develop scripts and automation (Python, PowerShell) to enhance DLP workflows and reporting capabilities

• Provide guidance and advisory support to IT teams, developers, and business units on secure data handling practices

• Develop and deliver data privacy and DLP awareness training materials for employees

• Participate in security incident response activities related to data exfiltration and unauthorized disclosure events

• Document policies, procedures, runbooks, and technical configurations related to the DLP and privacy program

Requirements:

• 5+ years of hands-on experience in information security with a focus on DLP, data classification, or data privacy engineering

• Demonstrated experience configuring and managing enterprise DLP platforms such as Microsoft Purview, Symantec DLP, McAfee Total Protection, or Forcepoint DLP

• Experience implementing or supporting data privacy programs under one or more regulatory frameworks (GDPR, CCPA/CPRA, PCI-DSS)

• Proficiency in data classification tooling and sensitivity label governance (Microsoft Information Protection preferred)

• Familiarity with cloud security controls and DLP capabilities in Microsoft 365, Azure, AWS, or Google Cloud Platform

• Working knowledge of scripting languages (Python, PowerShell, or Bash) for automation and log analysis

• Experience with SIEM platforms and the ability to write correlation rules related to data exfiltration indicators

Preferred Qualifications

• Experience with CASB solutions (Microsoft Defender for Cloud Apps, Netskope, or Zscaler) to extend DLP controls to cloud applications

• Familiarity with zero trust architecture principles and their application to data security

• Knowledge of data tokenization, encryption, and masking techniques

• Experience supporting or leading Privacy Impact Assessments and coordinating with external auditors or regulators

• Background in endpoint DLP and removable media control policies

• Excellent written and verbal communication skills; able to present technical findings to non-technical stakeholders

• Self-motivated with the ability to manage multiple priorities in a fast-paced environment

• High degree of personal integrity and ability to handle confidential information with discretion

• Collaborative team player who works effectively across departments and organizational levels

Education / Certification

• Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related technical field; or equivalent practical experience

- Certified Information Privacy Professional (CIPP/US or CIPP/E) IAPP - Required

- CompTIA Security+ CompTIA - Required