Data Protection Engineer

The Data Protection Engineer (DPE) is a hands‑on individual contributor responsible for designing, implementing, and operating enterprise data protection controls that safeguard sensitive company and customer data. This role focuses on the practical execution of data protection technologies across endpoints, email, cloud services, and collaboration platforms, with a strong emphasis on DLP, data classification, and information protection.
The DPE partners closely with IT Security, Compliance, Legal, and business teams to translate regulatory and business requirements into effective technical controls.

Day‑to‑Day Responsibilities
• Design, deploy, configure, and maintain enterprise data protection solutions across endpoints, email, cloud services, and collaboration platforms
• Configure and maintain:
• DLP policies and rules
• Sensitivity labels and classification schemes
• Detection logic and control parameters
• Troubleshoot and resolve data protection and sensitivity label issues affecting end users
• Monitor and triage data protection alerts and incidents, driving remediation and follow‑up
• Implement and operate DSPM capabilities, including data discovery, posture assessments, and exposure remediation
• Ensure data protection controls align with regulatory, legal, and corporate requirements
• Integrate data protection platforms with SIEM and IAM systems
• Support data flow mapping, risk assessments, and remediation initiatives
• Participate in architecture reviews and change management activities
• Create and maintain technical documentation, including diagrams, SOPs, playbooks, and configuration guides
Stay current on data security threats, trends, and emerging technologies

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

• 8+ years of hands‑on Data Loss Prevention / Data Protection engineering experience
• Deep, practical experience with Microsoft Purview (DLP and Information Protection), including:
• Policy and rule configuration
• Sensitivity labels and data classification
• Troubleshooting enforcement and end‑user labeling issues
• Proven experience designing and operating data protection controls across endpoints, email, cloud services, and collaboration platforms
• Strong ability to tune DLP policies and detection logic to reduce false positives while maintaining effective protection
• Experience monitoring, triaging, and responding to data protection alerts and incidents
• Working knowledge of data protection regulations (e.g., GLBA, CCPA, NYDFS) and translating requirements into technical controls
• Stakeholder facing experience

• Experience with Microsoft Defender, Defender for Cloud, and/or Netskope
• Scripting or automation experience using PowerShell and/or Python
• Strong working knowledge of regex‑based pattern matching
• Experience with ServiceNow, Jira, or similar ticketing systems
Security or cloud certifications (CISSP, CISA, CEH, CCSP, Microsoft certifications)

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.