Data Security Engineer Lead/

Data Security Engineer Lead / Remote

• 100% Remote
• 2 year contract
• Data Security Remediation Engineer
• Interview Process: Video
• Start Date: ASAP

• Must have one of the following: Security + CE, CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, CND, CASP CE, CISSP, CSSLP, BigID Privacy, Security & Data Governance Professional, BigID Project Manager, Microsoft Certified: Information Protection Administrator Associate (SC-400)

DESCRIPTION OF PROJECT AND TASKS

Statement of Work:

This initiative focuses on a comprehensive data security transformation designed to discover, classify, and secure unstructured data across the client's Microsoft 365 SharePoint and OneDrive environments. Leveraging the technical integration of BigID for deep discovery and Microsoft Purview for policy enforcement, the project follows a structured four-phase lifecycle: initially targeting Critical data (Phase 1), expanding to Moderate sensitivity (Phase 2), identifying Low Risk/Stale (ROT) data (Phase 3), and executing comprehensive Remediation (Phase 4). The Remediation Team will drive the execution of this strategy, managing the cross-platform integration to perform essential tasks such as validating classification accuracy, applying sensitivity labels, enforcing Data Loss Prevention (DLP) policies, and relocating at-risk files to ensure a compliant and hardened data estate.

Task Description:

The Remediation Lead will drive the strategic and technical execution of the data security transformation, collaborating deeply with client stakeholders and data owners to define comprehensive remediation strategies and governance policies. In close partnership with the Project Architect, this role will identify solution requirements and direct the deployment, customization, and fine-tuning of BigID and Microsoft Purview to ensure the solution aligns with the specific nuances of the customer's environment. The Lead is responsible for developing project schedules, ensuring adherence to compliance standards, and managing the daily workload of a two-member engineering squad. Additionally, they will coordinate with vendor delivery support to facilitate knowledge transfer, ensuring the successful classification, labeling, and protection of Critical, Moderate, and Stale data assets across the M365 ecosystem.

Required Skills/Level of Experience:

• Required: Bachelor's degree in computer science, Information Technology, or a relevant technical field + a minimum of 3 years of hands-on experience in network performance or security engineering, with 5 or more years of experience being highly desirable.
• Client Relationship & Stakeholder Management: Exceptional interpersonal skills with the ability to build trust with non-technical stakeholders and data owners. Must be capable of translating complex security risks into clear business language and managing client expectations regarding remediation scope, impact, and timelines.
• Advanced Communication Skills (Oral & Written): Superior verbal and written communication abilities are mandatory. The candidate must be able to author clear governance policies, produce professional status reports, and deliver convincing presentations to client leadership regarding data risk and project progress.
• Team Leadership & Project Coordination: Demonstrated experience leading technical teams (2+ engineers), including managing daily workflows, prioritizing tasks, and serving as the escalation point for technical blockers. Ability to coordinate effectively between the engineering squad, project architects, and vendor support.
• Microsoft Purview & Compliance Mastery: Deep, hands-on expertise in the Microsoft Purview compliance portal, specifically in defining and deploying Sensitivity Labels, Data Loss Prevention (DLP) policies, and Auto-labeling logic for SharePoint Online and OneDrive for Business.
• Data Discovery & Classification Proficiency: Proven experience with enterprise data discovery platforms (specifically BigID or similar tools), including scanner configuration, classification tuning, confidence scoring, and integrating findings with enforcement tools.
• Data Governance & Strategy Development: Ability to translate regulatory requirements and business needs into actionable data governance policies, technical remediation strategies, and defensible deletion (ROT) workflows.

Nice to have Skills:

• 5+ years of experience
• Certifications:
  • Active Microsoft Certified: Information Protection Administrator Associate (SC-400) is highly preferred. (Alternatively: Proven equivalent experience specifically with the SC-400 exam objectives)
  • CISSP
  • BigID Privacy, Security & Data Governance Professional
  • BigID Project Manager
• Understanding and experience with NIST Special Publication [SP] 800-171
• Familiarity and understanding of United States Executive Order [EO] 14117 .

PLEASE NOTE:

• Strategic Planning, Governance & Client Management (35%): Interface with stakeholders and data owners to define remediation strategies, validate governance policies, and translate business needs into technical requirements. Manage client expectations regarding scope, risk, and timelines.
• Team Leadership & Project Coordination (30%): Manage the daily workload of the engineering squad, develop and maintain project schedules, and coordinate activities between the client, engineering team, and vendor support.
• Technical Architecture & Solution Oversight (20%): Collaborate with the Project Architect to ensure solution design meets compliance standards; review and approve technical configurations for BigID and Purview before deployment.
• Reporting & Knowledge Transfer (15%): Produce executive status reports, document remediation outcomes, and facilitate training and knowledge transfer from the vendor to the internal engineering staff.

Ayush Sharma Sr. US Technical Recruiter

| Ext:149

| G-talk: