Senior DLP and Cloud Access Security Broker (CASB) Implementation Lead

Duties and Responsibilities:

• Strategic Architecture & Roadmap: Lead the design, architecture, and multi-year strategic roadmap for enterprise DLP and CASB solutions, aligning technical controls with business objectives, cloud migration strategies, and complex regulatory frameworks (e.g., GDPR, CCPA, HIPAA).
• Engineering & Ecosystem Integration: Drive the hands-on deployment and technical integration of DLP and CASB platforms with the broader security ecosystem (such as SIEM, IAM, EDR, and SOAR) to enable automated threat response, centralized visibility, and identity-aware access controls.
• Advanced Policy Development & Tuning: Translate legal and business data handling requirements into actionable technical rules using advanced techniques (e.g., Exact Data Match, Indexed Document Matching), continuously tuning these policies to aggressively reduce false positives without disrupting business workflows.
• Cloud Security & Shadow IT Management: Secure sanctioned cloud environments through API and inline CASB controls, actively monitor for and mitigate risks associated with Shadow IT, and execute comprehensive data discovery scans across cloud storage and on-premises infrastructure.
• Operational Health & Incident Escalation: Oversee the capacity planning, lifecycle management, and overall health of the data protection infrastructure, serving as the highest-level technical escalation point for complex insider threat and data exfiltration investigations.
• Governance, Reporting, & Leadership: Partner closely with Legal, Privacy, and HR teams to ensure compliance, develop Key Risk Indicators (KRIs) for executive-level reporting, and provide mentorship and technical guidance to junior security engineers and SOC analysts.

Qualifications:

• Education: Bachelor s degree in Cybersecurity, Computer Science, or a related field. (Extensive senior-level experience will be considered in lieu of a degree).
• Senior Expertise: Minimum of 7 10 years of experience in Information Security, with a proven track record of architecting enterprise-grade DLP and CASB environments.
• Instructional Ability: Demonstrated experience in technical writing (manuals/SOPs) and conducting technical training for SOC/ISOC personnel.
• Certifications: Advanced certifications are highly preferred: CISSP, CCSP, or lead-level GIAC certifications e.g., The GIAC Information Security Professional (GISP), GIAC Security Expert (GSE), GIAC Security Professional (GSP).
• Project Leadership: Demonstrated experience managing high-visibility projects with strict, non-negotiable deadlines.
• Communication: Exceptional ability to communicate complex technical concepts to both internal technical staff and non-technical executive leadership..