Information Security Engineer

About the Role We are seeking an Information Security Engineer (3–5 years experience) with hands on expertise in data security, DLP, and security automation, with growing exposure to AI security. This role will support and mature enterprise data protection capabilities while helping operationalize data security cleanup workflows through automation and cross team coordination. The ideal candidate is comfortable executing and improving DLP controls, building automation to drive remediation, and partnering with application, platform, and business teams to reduce data risk at scale.

The role offers opportunities to lead smaller initiatives or assist senior engineers on larger data security and AI governance efforts. Job Summary Plans, designs, and builds security architectures for the organization. Implements network and computer security and ensures compliance with information security policies and procedures.

Key Responsibilities Assist in the implementation, tuning, and ongoing operation of DLP and data protection controls across M365, endpoints, email, SaaS, and cloud platforms. Maintain and refine DLP policies, classifiers, and detections to improve precision and reduce false positives. Support enterprise data discovery, classification, and exposure reduction efforts.

Participate in data security incident triage, investigation, and remediation coordination. Design and maintain automation workflows to support data security cleanup and remediation, including automated email notifications to data owners, Jira/ticketing automation for tracking remediation actions, workflow‑driven follow‑ups and escalation paths, and use tools such as Power Automate or similar platforms to reduce manual effort and improve consistency. Partner with data owners and technical teams to communicate findings clearly, provide guidance and assistance with cleanup where needed, and track remediation progress to closure.

Hands‑on configuration and operational support for Microsoft Purview (Sensitivity Labels, DLP, Endpoint DLP, Data Classification), Microsoft Defender (Endpoint and Cloud App data protection features), Varonis, Proofpoint, Lightbeam or similar data access governance tools, plus support reporting, dashboards, and audit‑ready evidence for data security controls. Assist with AI security reviews, ensuring sensitive data is not shared with unauthorized AI tools, and support AI intake and approval workflows by validating data scope, access controls, and guardrails aligned with security and privacy requirements. Maintain knowledge of secrets management concepts, help identify and remediate hard‑coded secrets, credentials stored in code repositories, and high‑risk PII/PCI data, and partner with engineering teams to promote secure secrets handling practices.

Support data security controls aligned with PCI DSS, SOC 2, NIST, ISO 27001, GDPR/CCPA, contribute to policies, standards, and SOPs related to data handling, DLP, automation, and AI usage, and assist with audit preparation and evidence collection. Initiate security response procedures when incidents are detected, update CSIRT documentation and procedures, write code or scripts to automate, monitor, and test security solutions, and assist in designing, building, configuring, and maintaining cybersecurity threat defense capabilities and user access management. Maintain cybersecurity requirements for network, system, and/or application technologies, configure and install security technologies such as firewalls, intrusion detection systems, access controls, implement software fixes to remove system vulnerabilities, perform daily reviews of OS and network changes, deploy patches, manage security objects including SSL certificates, PGP and private keys, system passwords, anti‑virus, spyware, and malware solutions, and identity management.

Nature and Scope Demonstrates skill in data analysis techniques by resolving missing/incomplete information and inconsistencies/anomalies in more complex research/data. Work requires increasing independence; receives guidance only on unusual, complex problems or issues; review typically involves periodic review of output by supervisor or direct customers. May provide general guidance to or train junior level support professionals.

Work Environment Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. Most of the time is spent sitting in a comfortable position with frequent opportunity to move about; on rare occasions there may be a need to move or lift light items.

Requires overnight travel 5% to 20% of the time. Education and Experience Typically requires BS/BA in a related discipline. Generally 2–5 years of experience in a related field or MS/MA and generally 2–4 years of experience in a related field.

Certification is required in some areas. Equal Employment Opportunity Our organization is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. #J-18808-Ljbffr