DLP Engineer

Title: Vulnerability Management and Data Loss Prevention (DLP) Lead Location: Houston, Texas Downtown, must relocate, No Exceptions. (4 days in-office, 1 day remote) Duration: 6 months + Contract Key Responsibilities

• Lead implementation and enhancement of Microsoft Purview Data Classification and DLP policies across Exchange, SharePoint, OneDrive, Teams, and endpoint environments
• Design, implement, and optimize DLP policies and rules (conditions, thresholds, exceptions) to improve detection accuracy and reduce false positives
• Drive automation of DLP alert investigations, including detection validation, triage workflows, and root cause analysis
• Develop and enhance sensitivity labeling frameworks, including taxonomy, enforcement strategies, and enterprise-wide adoption
• Analyze data classification trends and misclassifications, and coordinate user awareness and policy communication initiatives
• Build and maintain operational reporting frameworks, including dashboards and cadence-based reporting (monthly/quarterly) for risk, incidents, and performance metrics
• Lead AI security governance initiatives across Microsoft Copilot, Power Platform, and third-party AI integrations (including Onyx), focusing on posture assessments, guardrails, and risk mitigation
• Establish and maintain standard operating procedures (SOPs), runbooks, and QA processes for DLP investigations and incident management
• Ensure audit readiness and compliance, including documentation, evidence retention, and traceability for security events
• Collaborate with security, compliance, IT, and business stakeholders to prioritize remediation activities and manage security backlogs
• Mentor and guide security analysts, manage workload distribution, and ensure adherence to service-level agreements (SLAs)
• Lead integration of data protection capabilities across enterprise security platforms, including SaaS Security Posture Management (SSPM/SPM) tools, ensuring visibility, governance, and policy enforcement across cloud applications
• Oversee database security and monitoring initiatives using IBM Guardium, including protection of Oracle, SQL Server, and DB2 environments, ensuring compliance and sensitive data protection
• Drive continuous improvement of enterprise data protection capabilities through automation, tool integration, and alignment with broader cybersecurity architecture

Qualifications

• 12+ years of experience in cybersecurity, data protection, or DLP operations, with strong focus on enterprise security platforms
• Hands-on experience with Microsoft Purview (DLP, Information Protection, Sensitivity Labels) and M365 security ecosystem
• Strong working knowledge of database security solutions such as IBM Guardium, including monitoring and protection of Oracle, SQL Server, and DB2 environments
• Experience with SaaS Security Posture Management (SSPM/SPM) tools and cloud security governance across enterprise SaaS platforms
• Exposure to AI security tools and governance frameworks (e.g., Onyx, Copilot security controls) for managing emerging AI risks
• Strong understanding of data security, compliance frameworks (NIST, ISO, etc.), and risk management practices
• Experience with automation, reporting, and security analytics tools to drive operational efficiency
• Strong stakeholder management, leadership, and communication skills, with experience working across cross-functional teams

For applications and inquiries, contact: hirings@openkyber.com