Qureos

Find The RightJob.

companyLogo
COMMERCIAL BANK OF CALIFORNIA

Data Loss Prevention Engineer

Data Loss Prevention Engineer

Location: Irvine, CA
Job Type: Full-Time | Exempt | Hybrid Eligible
Salary Range: $95,000 – $153,000 per year

About Commercial Bank of California

Commercial Bank of California (CBC) is the largest Latino-owned bank in California and a certified Minority Depository Institution (MDI). Headquartered in Irvine and founded in 2003, CBC is one of the largest privately held banks in the state, with over $3.5 billion in assets as of December 2025.

We are a purpose-driven financial institution committed to building long-term relationships and delivering innovative, personalized banking solutions. Our leadership reflects the diverse communities we serve, and our mission is rooted in empowering entrepreneurs, business owners, and community leaders to thrive.

As a certified MDI, CBC is proud to play a vital role in advancing financial inclusion and economic opportunity. We believe in a higher vision for banking—one that prioritizes trust, collaboration, and community impact. Join us and be part of a team that’s redefining what it means to be a community-focused, relationship-driven bank that puts people over profits.

Job Summary

We are seeking a highly skilled and experienced Data Loss Prevention (DLP) Engineer who will also function as an SOC escalation point. Knowledge and experience in designing, implementing, and continuously optimizing the AIDR (AI Detection and Response) solution are a plus, i.e., preventing AI-specific data loss, addressing AI-specific vulnerabilities, governing and enforcing zero-trust policies on AI agents.

In addition, this role is also responsible for designing, implementing, and continuously optimizing the Bank’s existing data loss prevention and Zero Trust Network Access enforcement, while serving as an escalation point for advanced security incidents involving AI systems, data exfiltration, and sophisticated threats.

The role blends preventive security architecture with hands-on incident response, ensuring the secure adoption of AI technologies while enforcing governance, zero-trust principles, and regulatory data protection requirements.

Essential Duties and Responsibilities

Data Loss Prevention & Unified Security Posture Management
  • Design, operate, and optimize enterprise DLP programs using:
    • Inline and Out‑of‑Band scanning
    • AI-driven sensitivity data labeling for end-to-end classification, tagging, and enforcement
  • Enforce consistent data protection policies across:
    • SaaS applications
    • E‑mail platforms
    • Web traffic
    • Data repositories and file transfers
  • Protect sensitive data types, including:
    • NPPI
    • Bank confidential data
    • PCI data
  • Continuously tune policies to reduce false positives while increasing detection fidelity
  • Lead Unified Security Posture Management across AI, data, SaaS, endpoint, network, server, and database.
  • Correlate telemetry across our environment to provide holistic visibility into risk.
  • Identify gaps in data handling, AI usage, and access patterns and drive remediation.

Zero Trust Network Access (ZTNA)
  • Own the design and fine-tuning of ZTNA.
  • Enforce least‑privilege access based on:
    • Identity
    • Device posture
    • User behavior
    • Application and data sensitivity
  • Ensure ZTNA controls extend to AI platforms, SaaS applications, and sensitive internal resources.

Incident Response & SOC Escalation
  • Serve as an escalation point and incident responder for security events.
  • Lead investigation, containment, and remediation of incidents involving:
    • AI systems and AI data leakage
    • SaaS compromise
    • Web-based attacks
    • Data exfiltration and insider risk
    • Analyze and correlate telemetry from our security tooling and SIEM sources
  • Conduct root‑cause analysis and post-incident reviews.
  • Improve SOC playbooks, detection logic, and response procedures based on lessons learned.
  • Mentor SOC analysts.
Minimum Qualifications
  • Experience in security tool engineering, incident response, or SOC operations.
  • Deep hands-on experience with security solutions that provide:
    • Web & SaaS Security
    • ZTNA
    • DLP
    • AI Security
    • Endpoint, Server, and Database Security
  • Strong experience implementing and operating AI-driven sensitivity labeling
  • Proven experience responding to advanced security incidents.
  • Strong understanding of:
    • Data loss prevention architectures
    • Zero Trust security models
    • SaaS, cloud, web, endpoint, server, database, and AI security
  • Familiarity with regulatory frameworks (FFIEC IT Handbooks, PCI, FDIC Rules and Regulations).

Preferred Qualifications
  • Hands‑on experience on AIDR, specifically:
    • Detecting and mitigating AI threats such as data loss, prompt injection, jailbreaks, data poisoning, manipulation of LLM inputs/outputs, and AI model/inference tampering.
    • Implementing AI-aware inspection and policy enforcement across web, SaaS, and API traffic.
    • Establish governance and guardrails for AI agents, including visibility into AI/LLM usage (authorized and shadow AI), policy-based access controls aligned to Zero Trust principles, and secure handling of sensitive data processed by AI systems
    • Traditional network and cloud-based firewalls
Security certifications (preferred): CISSP, CISA, CISM, etc.

Benefits & Perks

  • Competitive employer contribution to medical, dental and vision coverage
  • 401k plan with employer match
  • Flexible Spending Accounts (FSA) and Dependent Care Accounts
  • Employee Assistance Program (EAP)
  • Employer provided Calm subscription
  • Employer provided mental health benefits through Teladoc
  • Life, AD&D and disability insurance
  • Minimum 15 Days of Vacation, 11 Paid Federal Holidays, Paid Time off to Volunteer
  • Online discount program
  • Tuition Reimbursement Program

Join Our Team!

  • Submit your resume to Apply to Your Position Here

Equal Employment Opportunity & Accommodations

Commercial Bank of California is proud to be an Equal Employment Opportunity employer. We are committed to creating an inclusive environment for all employees and applicants. All qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability, protected veteran status, or any other legally protected characteristic.

We evaluate applicants fairly and equitably, including those with criminal histories, in accordance with applicable federal, state, and local laws.

Commercial Bank of California is also committed to providing reasonable accommodations to individuals with disabilities. If you require a reasonable accommodation during the application or interview process, please contact us at hr@cbcal.com with the nature of your request and your contact information.


Recruitment Policy

Commercial Bank of California does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to CBC, either directly or indirectly, will be considered the property of Commercial Bank of California.

We will not pay a fee for any placement resulting from the receipt of an unsolicited resume. To submit candidates for consideration, recruiting agencies must have a valid, written, and fully executed agreement with Commercial Bank of California. Without such an agreement in place, no agency submissions will be accepted or compensated.

Similar jobs

Deloitte logo
Deloitte Innovation Hub I Cyber Security I Data Protection Senior Engineer, Cairo,Egypt

Deloitte

Cairo, Egypt

about 3 hours ago

© 2026 Qureos. All rights reserved.

Term of usePrivacy policy