Job Title: Sr. Data Security Engineer
Location: Chicago, IL (Remote)
Duration: 6-12 Months
Client: Direct
About the role
Our client is hiring a Sr. Data Security Engineer to help us understand where sensitive data exists, how it moves, who can access it, and how it should be protected. You will build and operationalize the technical capabilities used to discover, classify, monitor, and protect data across cloud environments, SaaS platforms, databases, analytics platforms, endpoints, and non-production systems. The goal is not simply to deploy more security tools. It is to make data protection measurable, enforceable, and sustainable across the enterprise. This is a hands-on engineering role inside our security program. We want someone who can turn data risk into durable technical controls, tune those controls to real business workflows, and work with the SOC to automate the response to exposure, misuse, and exfiltration.
What you bring
• 8+ years of experience across data security, cloud security, platform security, security engineering, or related technical roles.
• Hands-on experience implementing or operating capabilities such as DLP, DSPM, CASB, database activity monitoring, data discovery, or sensitive data classification.
• Strong understanding of data protection across cloud storage, databases, SaaS platforms, collaboration tools, endpoints, and analytics environments.
• Experience securing AWS data services and multi-account environments, including storage permissions, encryption, logging, identity, and public exposure controls.
• Experience with encryption, key management, tokenization, masking, secrets management, and protection of production data used in non-production environments.
• Strong understanding of IAM, least privilege, privileged access, service identities, and access-control models such as RBAC and ABAC.
• Experience integrating security telemetry with SIEM, XDR, SOAR, or incident response workflows.
• Ability to write automation or production-quality scripts in Python, PowerShell, Go, or a similar language.
• Experience tuning security controls to reduce false positives without weakening protection.
• Comfort working directly with Data Engineering, Platform Engineering, Architecture, Security Operations, GRC, Privacy, and business stakeholders.
Nice to have
• Experience with platforms such as Microsoft Purview, Prisma Access DLP/CASB, or similar data security technologies.
• Experience securing Databricks, Amazon S3, Redshift, RDS, DynamoDB, data lakes, or enterprise analytics platforms.
• Experience with insider-risk detection, user and entity behavior analytics, or data-exfiltration investigations.
• Familiarity with data protection and privacy requirements associated with SOX, GDPR, ISO 27001, or NIST frameworks.
• Experience building security controls for AI and generative AI services, including sensitive-data exposure, model inputs, retrieval systems, internal copilots, and agentic workflows.