Data Security Architect

Remote • Posted 13 hours ago • Updated 13 hours ago
Contract Corp To Corp
Contract Independent
Contract W2
12 Months
No Travel Required
Able to Sponsor
Remote
$90 - $95/hr
Fitment

Dice Job Match Score™

📋 Comparing job requirements...

Job Details

Skills

  • Data security + Cloud security + DLP + DSPM + AWS + IAM

Summary

Sr. Data Security Engineer to help us understand where sensitive data exists, how it moves, who can access it, and how it should be protected.

You will build and operationalize the technical capabilities used to discover, classify, monitor, and protect data across cloud environments, SaaS platforms, databases, analytics platforms, endpoints, and non-production systems. The goal is not simply to deploy more security tools. It is to make data protection measurable, enforceable, and sustainable across the enterprise.

This is a hands-on engineering role inside our security program. We want someone who can turn data risk into durable technical controls, tune those controls to real business workflows, and work with the SOC to automate the response to exposure, misuse, and exfiltration.

What you’ll do

  • Build and operationalize data discovery and classification capabilities across structured and unstructured data sources.
  • Identify sensitive data such as PII, financial information, payment card data, intellectual property, credentials, and other business-critical information.
  • Develop and maintain inventories and data-flow mappings that show where sensitive data originates, how it moves, where it is stored, and who can access it.
  • Design, implement, and tune controls across DLP, DSPM, CASB, database activity monitoring, encryption, tokenization, data masking, and key management capabilities.
  • Secure data stored in AWS, databases, data lakes, warehouses, SaaS applications, collaboration platforms, endpoints, and non-production environments.
  • Develop data protection policies that account for classification, user context, business process, destination, access patterns, and exfiltration risk rather than relying only on broad blocking rules.
  • Partner with Identity, Platform, Data, and Architecture teams on RBAC, ABAC, least privilege, privileged access, service identities, and time-bound access patterns.
  • Integrate data security telemetry with SIEM, XDR, and Security Operations workflows to detect anomalous access, insider risk, data misuse, and potential exfiltration.
  • Build automation for investigation, enrichment, containment, remediation, ticketing, evidence collection, and control validation.
  • Support incident response involving sensitive data, including scoping affected information, preserving evidence, determining exposure paths, and improving controls after an event.
  • Define meaningful program metrics, including data coverage, classification accuracy, control coverage, policy effectiveness, false-positive rates, access exposure, and remediation progress.
  • Make technical decisions visible through design documents, runbooks, reference implementations, and repeatable patterns that other teams can adopt.

What you bring

  • 5+ years of experience across data security, cloud security, platform security, security engineering, or related technical roles.
  • Hands-on experience implementing or operating capabilities such as DLP, DSPM, CASB, database activity monitoring, data discovery, or sensitive data classification.
  • Strong understanding of data protection across cloud storage, databases, SaaS platforms, collaboration tools, endpoints, and analytics environments.
  • Experience securing AWS data services and multi-account environments, including storage permissions, encryption, logging, identity, and public exposure controls.
  • Experience with encryption, key management, tokenization, masking, secrets management, and protection of production data used in non-production environments.
  • Strong understanding of IAM, least privilege, privileged access, service identities, and access-control models such as RBAC and ABAC.
  • Experience integrating security telemetry with SIEM, XDR, SOAR, or incident response workflows.
  • Ability to write automation or production-quality scripts in Python, PowerShell, Go, or a similar language.
  • Experience tuning security controls to reduce false positives without weakening protection.
  • Comfort working directly with Data Engineering, Platform Engineering, Architecture, Security Operations, GRC, Privacy, and business stakeholders.

Nice to have

  • Experience with platforms such as Microsoft Purview, Prisma Access DLP/CASB, or similar data security technologies.
  • Experience securing Databricks, Amazon S3, Redshift, RDS, DynamoDB, data lakes, or enterprise analytics platforms.
  • Experience with insider-risk detection, user and entity behavior analytics, or data-exfiltration investigations.
  • Familiarity with data protection and privacy requirements associated with SOX, GDPR, ISO 27001, or NIST frameworks.
  • Experience building security controls for AI and generative AI services, including sensitive-data exposure, model inputs, retrieval systems, internal copilots, and agentic workflows.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10416061
  • Position Id: 9025477
  • Posted 13 hours ago
Contact the job poster
KP

Kishore Putta

Recruiter @ Saksoft
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote

5d ago

Easy Apply

Third Party, Contract

Depends on Experience

Remote

15d ago

Easy Apply

Third Party, Contract

50 - 60

Remote

Today

Easy Apply

Contract

$50 - $80

Remote or Chicago, Illinois

Today

Full-time

Search all similar jobs