Data Security Engineer

JOB TITLE: Data Security Engineer
JOB LOCATION: Remote
WAGE RANGE*: $60-65/hr. W2
JOB NUMBER: DataSecurity3

REQUIRED EXPERIENCE:

Qualifications

• 5+ years of data security engineering experience in cloud-first and hybrid environments.
• Deep understanding of DSPM tools and data-centric security principles.
• Expertise in encryption architecture, key management systems, and securing data at all lifecycle stages.
• Hands-on experience with DLP solutions (e.g., Varonis, Microsoft Purview, Forcepoint, Symantec) and their integration across cloud and endpoint systems.
• Proficient in data access control mechanisms and governance across relational, NoSQL, and unstructured data stores.
• Familiarity with compliance requirements (GDPR, PCI, CCPA) and security frameworks like NIST and ISO 27001.
• Certifications such as CCSP, CISSP, or data security-specific credentials are preferred.

JOB DESCRIPTION:

Responsibilities
We are seeking a Senior Data Security Engineer to architect and develop initiatives to protect sensitive and regulated data across cloud and hybrid environments. This role is highly technical, requiring expertise in Data Security Posture Management (DSPM), encryption, DLP, and data classification. The ideal candidate will drive the implementation of data security frameworks, monitor data activity, and enforce controls to mitigate data exfiltration and regulatory risks.

Key Responsibilities:

• Implement DSPM tools and integrate them with cloud-native telemetry to continuously assess and remediate data risks.
• Architect scalable encryption strategies (at rest, in transit, in use) and key management using KMS, HSMs, and customer-managed keys (CMKs).
• Develop and enforce enterprise-wide data classification and tagging frameworks to support automated data discovery and protection.
• Design and implement cross-platform DLP policies and integrate them with Microsoft Purview, M365, endpoints, and cloud workloads.
• Enforce least-privilege access models and granular access controls (e.g., ABAC, PBAC, RBAC) across structured and unstructured data stores.
• Collaborate with cloud, identity, and app security teams to integrate data protection controls into existing pipelines and services.
• Monitor compliance with GDPR, HIPAA, CCPA, and other regulatory frameworks through proactive security audits and reporting.

Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities

* While an hourly range is posted for this position, an eventual hourly rate is determined by a comprehensive salary analysis which considers multiple factors including but not limited to: job-related knowledge, skills and qualifications, education and experience as compared to others in the organization doing substantially similar work, if applicable, and market and business considerations. Benefits offered include medical, dental and vision benefits; dependent care flexible spending account; 401(k) plan; voluntary life/short term disability/whole life/term life/accident and critical illness coverage; employee assistance program; sick leave in accordance with regulation. Benefits may be subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions. Benefits offered are in accordance with applicable federal, state, and local laws and subject to change at TCM's discretion.

#Dice