Cybersecurity DLP Analyst/Engineer (Microsoft Purview)

Job Title: Cybersecurity DLP Analyst/Engineer (Microsoft Purview)

Job type: Full time

Job location: Philadelphia, PA ( 1-2 days onsite)- Either Allentown Downtown or Philadelphia Center-City

Reporting to the Information Security Manager, the Cybersecurity DLP Analyst/Engineer will support and mature our Data Loss Prevention (DLP) and data protection initiatives. This role will be primarily responsible for deploying, tuning, and maintaining DLP policies within Microsoft Purview, aligning with regulatory compliance requirements and internal data governance policies. The Cybersecurity DLP Analyst/Engineer will bring a strong technical understanding of data protection controls across endpoints, cloud services, email, and collaboration tools, with a specific focus on Microsoft 365 environments.

Key Responsibilities:

Design, implement, and manage Microsoft Purview DLP policies across endpoints, SharePoint Online, OneDrive, Exchange Online, and Microsoft Teams.

Continuously monitor, triage, and investigate DLP events to assess risk and support incident response processes - serve as escalation point for DLP & IRM Alerts coming in from SOC.

Collaborate with data governance, legal, compliance, and business units to identify sensitive data types and ensure proper protection strategies are in place.

Customize and tune DLP rules, classifications, and information types to minimize false positives while maintaining policy efficacy.

Support initiatives to classify and label data using Microsoft Information Protection (MIP) and sensitivity labels.

Provide technical recommendations for improving data protection posture and reducing insider risk.

Maintain documentation for DLP policies, procedures, incident response workflows, and reporting metrics.

Work closely with the Security Operations Center (SOC), Privacy Office, and IT Infrastructure teams to support broader cybersecurity initiatives.

Assist with audits, risk assessments, and regulatory compliance reviews (e.g., HIPAA, HITRUST, NIST CSF).

Required Qualifications:

3 5 years of experience in cybersecurity, with at least 2 years focused on Data Loss Prevention.

Hands-on experience configuring and managing Microsoft Purview DLP (Endpoint, Exchange Online, SharePoint Online, OneDrive).

Solid understanding of Microsoft Information Protection (MIP) and sensitivity labels. Familiarity with cloud data security concepts and Microsoft 365 security and compliance center.

Strong analytical and troubleshooting skills for evaluating DLP incidents and policy performance.

Excellent written and verbal communication skills; capable of producing clear documentation and presenting technical information to non-technical stakeholders.

Preferred Qualifications:

Experience in healthcare, finance, or other regulated industries with data protection and privacy requirements.

Knowledge of insider risk management, compliance manager, or Microsoft Defender for Cloud Apps (MCAS).

Relevant certifications such as:

Microsoft Certified: Information Protection Administrator Associate

Certified Information Systems Security Professional (CISSP)

Certified Information Privacy Professional (CIPP)