Cyber Security Engineer, Data Protection

Job Summary 

The Data and Application Security Department within Cybersecurity is responsible for implementing and maintaining Security solutions within the Data Protection, Email Security, and Application Security spaces.  These solutions are an integral part of the Cybersecurity department and help improve the overall risk posture within the organization. As a member of the Data and Application security team, the Engineer will be responsible for aiding in the development, implementation, and operation of data protection and application security solutions and controls to address the current and emerging security and compliance needs of the business.

The Engineer will be focused on CASB and SWG implementation and operation, under the direction of the Engineering Manager and Engineering Specialist.   The Engineer will participate in the CASB and SWG implementation efforts including configuring, testing, troubleshooting, maintaining and administering based on best practices and business requirements.  The Engineer will learn and assist in other areas of Data Protection including the security of Data-In-Transit, Data-At-Rest, Data-In-Use.

The Engineer should have broad theoretical knowledge, such as knowledge gained through post-secondary education or certification-related training, as well as some professional experience in cyber security or information technology.  The Engineer is expected to have practical knowledge in the responsibilities listed below, gained through both education and work experience. The Engineer will be trusted to work independently with general supervision, and can tackle difficult problems.
 

Essential Functions

• Responsible for the build, configuration, implementation, troubleshooting  and administration of assigned technology per data protection and application protection engineering standard operating procedures.
• Participates in the requirements definition for the selection, deployment and implementation of security concepts and products including Secure Service Edge, CASB, Secure Web Gateway, Browser Isolation, Email Security, Data Loss Prevention, Application Security.
• Maintains and follows procedures to monitor the output of data protection technology platforms to ensure effective operation and respond to trouble tickets/events following standard operating procedure; collaborates with other engineers and specialists to provide independent Root Cause Analysis (RCA)
• Responsible for creating comprehensive test scripts to validate application changes and execute tests that are repeatable.
• Supports and independently executes both scheduled engineering build/configuration events as well as Tier 1/2 incident(break/fix) events including 24x7 support
• Participates in the creation of reports for the technology performance, efficacy and hygiene metrics.
• Contributes to the identification, development, and documentation of configuration/design improvements/optimization to support continuous engineering and systems performance improvement
• Shadow other engineers in the team to learn, collaborate and support other Data Protection technologies.
• Business and Soft Skill expectations:
  • Communicate and interact effectively and professionally with co-workers, management, customers and vendors.    
  • Maintain complete confidentiality of company business.
  • Communicate with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.

Qualifications

• Bachelor's Degree required
  • Preferred in Cyber Security, Computer Science, Information Systems (or other related field) 
• 6+ years of IT or information security, and
• 2+ years of data security engineering experience

Knowledge, Skills and Abilities

• Implemented Data Protection and/or Data Loss Prevention technologies across vectors including email, endpoint, web, network and cloud 
• Authored DLP rules to detect/prevent data exfiltration
• Participated in the implementation and maintenance of SSE components including CASB, SWG
• Worked in process-driven structured environments, and participated in process optimization activities.
• Provided recommendations to enhance the company’s security posture and communicated these to leadership

Competencies

• Advanced knowledge of security principles, issues, risks
• Experienced with SSE and Data Protection techniques 
• Proactive identification and solving of complex problems 
• Strong understanding of systems development lifecycle to provide technical leadership for multifunctional projects or initiatives.  
• Attention to detail