We are looking for a seasoned Data Protection Engineer, Expert to join our cybersecurity and compliance team. This role is critical in safeguarding sensitive financial data, ensuring regulatory compliance, and enabling secure collaboration across our Microsoft 365 environment. You will lead the implementation and optimization of Microsoft Purview and related M365 security tools to support our enterprise data protection strategy. 

Key Responsibilities 

• Assist with designing and implementing data protections solutions using Microsoft Purivew, Entra, and Defender XDR. 

• Develop and maintain DLP policies, sensitivity labels, retention policies, and insider risk management rules tailored to financial data and regulatory requirements. 

• Collaborate with Legal, Risk, Compliance, and IT teams to align data protection strategies with FFIEC, GLBA, SOX, and other banking regulations. 

• Monitor and respond to data protection alerts and incidents, conducting root cause analysis and recommending remediation. 

• Provide technical leadership and mentorship to junior engineers and cross-functional stakeholders. 

• Stay current with evolving data privacy laws, regulatory guidance, and Microsoft roadmap updates. 

Basic Qualifications 

• 5+ years of experience in data protection, cybersecurity, or technical engineering

• 1 Years Experience with Microsoft 365 security and compliance tools, especially Microsoft Purview.

• 3 Years Experience with PowerShell scripting and automation in Microsoft environments.  

​

Preferred Qualifications 

• Experience with financial data classification, insider risk programs, and secure collaboration in regulated environments.

• Experience with Copilot and other GenAI and the monitoring of their use.

• Familiarity with third-party risk management and vendor data handling practices.

• Experience in the financial services sector.

• Excellent analytical, documentation, and communication skills.

• Strong understanding of data governance, encryption, DLP, and regulatory compliance frameworks (e.g., GLBA, GDPR, CCPA).

• Microsoft certifications such as SC-400 (Information Protection Administrator), SC-100 (Cybersecurity Architect), or equivalent