Sr. Engineer, Microsoft Information Protection

Job Description

Job Description

Summary

The Sr. Engineer, Microsoft Information Protection role will play a pivotal role in supporting our data security strategy and program, ensuring that corporate policies are adhered to across all brands. This role will manage Microsoft Information Protection and Microsoft Purview, sensitivity labels, data discovery, data loss prevention systems, enhance policies, integrate data protection controls, ensure regulatory compliance, collaborate with unit leads, and improve KPIs and global policies. This role requires a deep understanding of data security principles, including data encryption at rest and in transit, excellent analytical skills, and the ability to work effectively in a dynamic, fast-paced environment.

Essential Functions:

• Monitor and manage data loss prevention (DLP) environments, continuously enhancing policies to address emerging threats and vulnerabilities.
• Integrate the existing data protection controls into an overall data security strategy. Partner with each operating unit lead to ensure policies and controls are adequate.
• Maintain compliance with relevant data protection regulations, including GDPR, PCI DSS, HIPAA, etc. Conduct regular audits and assessments to ensure adherence to these standards.
• Work with operating units to add new criteria as needed and ensure that data security policies and controls are adequately and effectively implemented.
• Ensure KPIs related to data security are accurately tracked and reported. Analyze KPI data to identify areas for improvement and implement necessary enhancements.
• Regularly review global data security policies and standards. Provide input and recommendations to address gaps and adapt to changing regulations and industry best practices.

Qualifications:

• Bachelor's degree or higher in the field of Engineering, Computer Science, Business Informatics, Information Technology, Information security or equivalent advance technology field of study, or equivalent work experience.
• A minimum of 10 years of IT experience at a global scale with a minimum of 5 years of cyber security experience working with data security programs.

Knowledge, Skills, and Abilities:

• Core concepts of data security, security operations and security awareness programs.
• Skilled on implementing and managing data loss prevention solutions.
• Worked with global data security programs and technologies.
• In-depth understanding of Microsoft Purview, Microsoft Sensitivity Labels, Data Discovery and Classification, Data Management, Data Governance, Data Lineage, Data Loss Prevention, Data Encryption and Data Masking.
• Knowledge of relevant regulations and standards such as GDPR, PCI DSS, HIPAA, etc.
• Excellent verbal and written communication skills to effectively convey security concepts to technical and non-technical stakeholders.
• High attention to detail
• Strong interpersonal skills to work effectively with cross-functional teams.
• Ability to adapt to rapidly changing security landscapes and emerging threats.
• Strong ethical judgment and integrity in handling sensitive information.
• Understanding of data at rest and in transit encryption methods.