Role Overview

As the Cloud DLP Security Engineer, you will be the primary custodian of our Data Loss Prevention ecosystem. You will lead the day-to-day administration of our cloud-native DLP platforms, ensuring sensitive data remains protected across web, SaaS, and endpoint channels. Your role bridges the gap between technical policy enforcement and user experience, serving as the lead for support and the primary liaison with our external implementation partners.

Key Responsibilities

1. Policy Engineering & Daily Configuration

• Daily Rule Management: Configure, tune, and optimize DLP engines, including custom dictionaries and Exact Data Match (EDM).
• Exception Handling: Review and manage DLP exception requests, ensuring they are valid, documented, and time-bound.
• Access & Control: Ensure correct

2. Support & "Hypercare" Operations

• L1 User Support: Act as the primary point of contact for end-users regarding policy triggers and blocks.
• Hypercare Management: Lead the Hypercare phase for new policy rollouts, providing high-touch support to departments to minimize business disruption during deployment.
• Education: Translate technical security blocks into understandable guidance to improve data handling habits.

3. Partner & Vendor Liaison

• Issue Prioritization: Categorize and prioritize technical issues reported to the implementation partner, ensuring critical blockers are addressed first.
• SLA Oversight: Monitor the implementation partner's progress against project milestones and technical deliverables.

4. Risk Assessment & Technical Insights

• Critical Issue Flagging: Monitor system health and policy logs to identify and escalate critical security risks or technical gaps to senior leadership.
• Reporting: Create and share weekly insights on high-risk data movement patterns and policy effectiveness.
• Risk Mitigation: Proactively identify potential data exfiltration vectors and recommend configuration changes to close security gaps.

5. IT & System Integration

• Platform Integration: Manage the integration of DLP tools with the broader security stack, including SIEM, SOAR, and Endpoint Protection (EDR) platforms.
• Infrastructure Support: Assist with the configuration of PAC files, traffic forwarding, and identity provider (IdP) integrations.
• Documentation: Maintain comprehensive runbooks and Standard Operating Procedures (SOPs) for all DLP-related workflows.

Required Qualifications

• Experience: 3–5+ years in Information Security, with a heavy focus on Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) tools.
• Technical Proficiency: Strong understanding of SSL inspection, network traffic steering, and Regex (Regular Expressions) for custom policy creation.
• Compliance Knowledge: Familiarity with global data privacy regulations such as GDPR, HIPAA, or PCI-DSS.
• Communication: Ability to balance strict security enforcement with a customer-service mindset during user interactions.
• Problem Solving: Proven track record of managing technical issues with third-party vendors and implementation partners.

Good to have Technical Skills

• Cloud Security Gateways (Web & Cloud-native DLP)
• Network Protocols (HTTPS, DNS, TCP/IP)
• Enterprise Ticketing Systems (e.g., ServiceNow, Jira)