Role OverviewWe are seeking a Data Loss Prevention (DLP) Engineer with 2+ years of experience to support the build, configuration, testing, and rollout of a Microsoft Purview DLP program for a large enterprise environment. The scope focuses on enabling unified detection, protection, and control of sensitive data across endpoints and Microsoft 365 workloads-including Office 365, OneDrive, SharePoint, and Microsoft Teams-as well as optimizing and re-enabling email DLP. Working under the technical direction of the DLP Architect, you will implement policies, execute pilots and wave-based deployments, and monitor detection quality. You'll collaborate closely with the Project Manager, Compliance Analyst, and Data Governance Lead to ensure the solution is effective, scalable, and user-ready.
Key Responsibilities1. Purview DLP Build & Configuration Configure Microsoft Purview DLP policies and rules based on provided designs (scoping, conditions, actions, user notifications, and enforcement modes). Implement policy components consistently across workloads, following agreed standards and governance. Support configuration of classification elements (e.g., Sensitive Information Types, sensitivity labels).
2. Microsoft 365 Workload Enablement Implement and validate DLP coverage across Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams. Configure user experience controls, such as policy tips and notifications, aligned to adoption requirements.
3. Endpoint DLP Onboarding & Controls Support endpoint onboarding and readiness activities aligned to client tooling (e.g., Intune and Microsoft Defender for Endpoint). Configure and test endpoint DLP scenarios (removable media, printing, browser uploads) following a monitor tune enforce discipline.
4. Pilot Execution & Wave-Based Rollout Execute pilot configurations and validate detections and user prompts with specific business units. Support controlled enterprise rollouts, including deployment checklists, validation steps, and hypercare readiness.
5. Monitoring, Troubleshooting & Policy Tuning Monitor DLP alerts and event telemetry to assess signal quality and operational impact. Investigate false positives/negatives and propose tuning adjustments for approval. Support operational workflows for triage and escalation to security and compliance stakeholders.
6. Integration & Automation Assist with integrating DLP alerting into broader security operations (e.g., Microsoft Defender XDR or Microsoft Sentinel). Support automation tasks using PowerShell and/or Power Automate to improve reporting and alert routing.
7. Documentation & Handover Produce and maintain configuration records, test evidence, operational runbooks, and support guides. Support the project team with enablement materials for service desk readiness and end-user awareness.
Qualifications & ExperienceRequired: Experience: 2+ years in DLP, information protection, M365 security/compliance, or security engineering. Technical Proficiency: Hands-on experience configuring Microsoft Purview DLP across M365 workloads (Exchange, SharePoint, OneDrive, Teams) or endpoints. Lifecycle Knowledge: Understanding of the DLP lifecycle (plan, implement, test, tune, and enforce). Tools: Familiarity with Purview compliance portal, Sensitive Information Types (SITs), PowerShell for administration, and Intune/Defender for Endpoint. Soft Skills: Strong troubleshooting mindset, attention to detail, and excellent communication skills in a client-facing environment.
Preferred (Strong Advantage): Experience with large-scale endpoint DLP wave deployments. Relevant Microsoft certifications (e.g., SC-400 Microsoft Information Protection Administrator). Experience integrating DLP with SOC workflows (Sentinel/XDR) or building dashboards in Power BI. Knowledge of regulated environments and data protection obligations (e.g., GDPR, PDPA).
Success Profile at CGIEngineering Ownership: Executes clean builds and produces reliable documentation. Collaborative: Works effectively with architects and cross-functional stakeholders. User-Aware: Balances high-security controls with real-world business usability. Disciplined: High rigor in testing, change control, and operational readiness.
|
