Senior Data Security Engineer (DLP & AI Security) - Microsoft Purview, Concentric AI & Varonis
Location: New York, NY 10017 (100% Onsite)
Full Time Only
Skills Required:
Primary Skill - Data Security, DLP
Experience in - Data Classification, DLP solution.
Role
o Owner of Data Security Program
o Resource needs to manage the tool as Admin / define new policies
Mandatory Tools - Microsoft Purview & Concentric AI and/or Varnish Data Security
Tools Good to have - DSPM.
AI experience is required. (Mainly Security for AI).
DETAILED JD:
Role Overview
We are looking for a skilled Data Security Engineer with strong handson experience in Microsoft Purview Information Protection , Concentric AI and Varonis to support enterprise data discovery, classification, risk prioritization, and data loss prevention (DLP) initiatives.
The role focuses on protecting sensitive and businesscritical data across cloud, endpoint, and collaboration platforms through automation, policy enforcement, analytics, and continuous risk reduction.
Key Responsibilities
Microsoft Purview Data Protection & Governance
Configure and manage Microsoft Purview Information Protection components:
o Sensitivity labels
o Data classification
o Autolabeling policies
Implement and manage DLP policies across:
o Exchange Online
o SharePoint Online
o OneDrive
o Microsoft Teams
o Endpoint DLP
Tune DLP rules to reduce false positives while ensuring regulatory compliance.
Monitor alerts, incidents, and policy violations; perform rootcause analysis.
Support data discovery and classification scans across M365 workloads.
Concentric AI Sensitive Data Discovery & Risk Prioritization
Deploy and manage Concentric AI for:
o Sensitive data discovery
o Contextaware risk scoring
o Data access analytics
Identify overexposed, stale, or risky data across repositories.
Correlate user behavior, data sensitivity, and access patterns.
Use Concentric insights to finetune Purview DLP and labeling strategies.
Generate riskbased remediation recommendations.
Varonis Data Security Analytics & Access Governance
Deploy, configure, and manage Varonis modules for:
o Sensitive data discovery and classification
o Data access analytics and permissions analysis
o Threat detection and data exposure reduction
Identify excessive permissions, inactive users, and anomalous data access.
Investigate insider threats, abnormal behavior, and data exfiltration attempts.
Drive remediation by tightening access controls and reducing data exposure.
Integrate Varonis insights with Purview and Concentric findings for unified risk management.
Incident Handling & Incident Response Support
Investigate data exposure and DLP incidents using Purview, Concentric, and Varonis dashboards.
Perform incident triage, analysis, and coordination with SOC, IR, and IT teams.
Support incident containment actions:
o Policy blocks
o User access restrictions
o Label enforcement
Maintain incident documentation and postincident analysis reports.
Reporting, Governance & Compliance
Prepare monthly and quarterly reports covering:
o Data risk posture
o DLP trends
o Sensitive data exposure metrics
Track KPIs such as:
o Reduction in data exposure risk
o DLP incident trends
o Label adoption and coverage
Support audit and compliance initiatives aligned to:
o ISO 27001
o GDPR
o SOC 2
o HIPAA (where applicable)
Maintain SOPs, playbooks, and governance documentation.
Integration & Continuous Improvement
Integrate Purview and Concentric with:
o Microsoft Entra ID
o SIEM platforms (Splunk / Sentinel where applicable)
Recommend improvements for data security posture based on analytics.
Stay updated with evolving data security threats, Purview features, Concentric AI and Varonis capabilities.
Required Technical Skills
Mandatory
Strong handson experience with Microsoft Purview Information Protection & DLP.
Experience implementing Endpoint, M365, and Cloud DLP policies.
Handson exposure to Concentric AI for sensitive data discovery and risk analysis.
Handson experience with Varonis for data security analytics and access governance.
Good understanding of data security, privacy, and information protection principles.
Experience supporting enterprisescale M365 environments.
Good to Have
Experience with Insider Risk Management.
Familiarity with SIEM tools (Splunk, Sentinel).
Understanding of data privacy regulations (GDPR, PCI DSS).
Exposure to CASB / Defender for Cloud Apps.
Soft Skills
Strong analytical and investigative mindset.
Ability to convert technical findings into executivefriendly insights.
Excellent communication and documentation skills.
Collaborative, processdriven approach to security delivery.