Principal Data Security Architect

Overview

Hybrid
Depends on Experience
Contract - W2
Contract - 52 week(s)

Skills

Snowflake

Job Details

  • Title: Principal Data Security Architect 

  • Location: Hybrid in Allentown, PA; Louisville, KY; or Providence, RI

  • Duration: 12 Months

Responsibilities

Essential Functions:

  • Define and own the data protection strategy across structured, semi-structured, and unstructured data. Align with regulatory, legal, and business mandates (e.g., NERC, SOX, CCPA, GDPR).

  • Architect and deploy Azure Purview for data classification and insider risk management policies.

  • Lead secure implementation of AI Data Pipelines (RAG, Vector DBs), TDE for SQL workloads, and explore applicability of Fully Homomorphic Encryption (FHE) and Differential Privacy (DP) for AI/LLM pipelines.

  • Develop strategies for legacy data de-duplication, archiving, and migration. Evaluate long-term retention risk and optimize lifecycle policies.

  • Implement and manage DLP rules across email, endpoints, cloud storage, and collaboration platforms (e.g., Microsoft 365, SharePoint).

  • Provide architectural guidance to product teams and AI/ML engineers. Author security patterns, threat models, and playbooks.

  • Evaluate and integrate third-party tools for data discovery, monitoring, and tokenization. Drive automation around classification and response.

  • Define DSPM Strategy and Architecture.

  • Define Data Incident Protocol and Playbook.

  • Perform other duties as assigned.

  • Comply with all policies and standards.

Qualifications

Required Education:

  • Bachelor’s Degree in Computer Science, Information Security, and/or a related field, or an equivalent level of experience on a year-on-year basis.

Required Experience:

  • 10+ years in information security or data architecture roles.

Preferred Qualifications:

  • Previous experience with utilities or highly regulated industries.

  • Working knowledge of structured data protection in data lakes or Azure Synapse.

  • Experience contributing to LLM security or responsible AI design patterns.

  • SANS/GIAC, CISSP, or Azure Security certification.

  • Experience with legacy data cleanup initiatives, e.g., tape archive migration.

  • Experience with DSPM platform.

  • Strong understanding of cryptographic primitives and modern data security standards (AES, SHA, TLS, etc.) as well as an understanding of proposed quantum-ready cryptography standards.

  • Excellent communication skills and the ability to influence technical and executive stakeholders.

  • Demonstrated ability to assess risk trade-offs between security, usability, and operational efficiency.

  • Deep interest in AI safety, responsible data stewardship, and future-proofing sensitive workloads.



#INDGEN #ZR

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.