Security Engineer

Description

Only US Citizen

Salary Rate: $107 - $160 K yearly

Client: TIAA - The Teachers Insurance and Annuity Association of America-College Retirement Equities Fund is an American financial services organization that is a private provider of financial retirement services in the academic, research, medical, cultural and governmental fields.

Skills

• Policy Development
• Software as a Service (SaaS)
• Network Security
• Information Rights Management
• Cloud Security
• DLP
• Azure Infrastructure as a Service (IaaS)
• Information Security

About the job

• The Lead Information Security Engineer will be the organization’s subject matter expert (SME) for the Data Loss Prevention (DLP) and Insider Risk Management (IRM) programs.
• This role will be responsible for spearheading the design and implementation of enterprise level DLP and IRM strategies.
• This individual contributor role will be a member of a global engineering team that collaborates with various organizations and vendors to continually assess and improve the effectiveness of DLP and IRM controls and policies.

Key Responsibilities And Duties

• DLP Program Development: Lead the design and implementation of a cohesive DLP strategy, including data classification, policy creation, standards, and best practices to safeguard sensitive information.
• Data Classification and Labeling: Develop and manage data classification schemes and collaborate with data owners to ensure data is accurately labeled according to sensitivity and regulatory requirements.
• Data Discovery and Inventory Management: Use data discovery tools to locate unstructured data and catalog sensitive data across on-premises and cloud environments.
• Engineering design: architect and implement highly available and resilient solutions.
• Policy and Rule Configuration: Design, implement, and fine-tune DLP policies and detection rules to minimize false positives and optimize incident management.
• User and Entity Behavior Analytics (UEBA): Integrate user and entity behavior analytics with DLP tools to detect abnormal data access or potential insider threats, developing models to monitor deviations in sensitive data handling.
• Cloud and SaaS Data Protection: Develop DLP strategies for cloud services and SaaS applications to extend data visibility and control in cloud environments.
• Automation & Scripting: Leverage scripting languages (e.g., Python, PowerShell) to automate DLP processes, enhance security monitoring, and support the integration of DLP controls within existing systems. Security Controls Optimization: Identify and implement automation opportunities to improve the DLP program’s efficiency in detecting and responding to security incidents.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 5+ Years Required; 7+ Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Required Skills

• DLP Expertise: 5+ years’ experience integrating and managing DLP technologies, data classification, exfiltration monitoring, and email/endpoint/web DLP. (EX: Forcepoint DLP, Microsoft Defender for Cloud Apps, Microsoft Purview, Proofpoint DLP, Symantec DLP, Trellix DLP, Zscaler ZIA DLP & DSPM)
• Policy Development: Experience in creating and managing data protection policies and governance processes in compliance with regulatory requirements.
• Scripting Proficiency: 2+ years’ experience in scripting languages (e.g., Python, PowerShell) to support DLP automation.

Preferred Skills

• 7+ years’ experience as a Security or Infrastructure Engineer with 2+ years of demonstrated experience working with DLP technologies
• Security Architecture: 2+ years’ experience creating and maintaining reference security architectures and frameworks that incorporate DLP and automation.
• Project Leadership: Experience leading DLP, IRM, or security automation projects from design through deployment.
• Security Certifications: Recognized certifications (e.g., CISSP, CCSP, CISM, GSEC) focused on data protection, SecurityDevOps, or cloud security.
• Prompt engineering: Experience crafting instructions (prompts) to elicit the best possible output from generative AI models.

Related Skills

• Accountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail-Oriented, General Risk Management, Network Security, Prioritizes Effectively