Bright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. They are seeking a skilled Data Loss Prevention Engineer to own the security of their global data protection program and manage data security events across their environment.
Responsibilities:
- Own the security posture of Palantir's DLP estate — policy architecture, classification standards, and ongoing validation that those standards hold
- Reduce data exposure risk across the environment: audit and remediate misconfigured policies, coverage gaps, over-permissioned data flows, shadow IT channels, and enforcement blind spots
- Evaluate, deploy, and own the configuration of data protection tooling across endpoint, network, and cloud vectors: content inspection, data classification, user activity monitoring, and enforcement controls
- Build and maintain automation for data security operations — policy tuning pipelines, alert triage workflows, access reviews, and data handling hygiene
- Partner with Identity, Infrastructure, and Legal teams to drive architectural improvements: data classification frameworks, acceptable use enforcement, cloud data governance, and insider threat program integration
- Translate findings from assessments and incident investigations into durable fixes — policy changes, architectural improvements, and program updates that reduce recurrence
Requirements:
- Deep, working knowledge of DLP architecture: endpoint agents, network inspection, cloud API integrations, policy engines, and content-aware detection across structured and unstructured data
- Hands-on experience investigating and detecting data exfiltration across the full kill chain — from reconnaissance and staging through exfiltration via web, email, removable media, and cloud sync channels
- Familiarity with common evasion techniques (encoding, steganography, covert channels, cloud storage abuse) and, critically, what they leave behind
- Experience building and maturing DLP programs: classification taxonomies, policy tiering by data sensitivity, incident workflow design, and false-positive reduction methodologies
- Thorough understanding of data security architecture: content inspection techniques, regular expression and fingerprinting-based detection, optical character recognition (OCR) for image-based data, and contextual policy enforcement
- Ability to assess data flows across complex environments — SaaS, IaaS, on-premises, and hybrid — and identify where controls are absent or insufficient
- Proficiency with log analysis and forensic investigation tools to reconstruct data movement and user behavior across endpoints and network infrastructure
- Experience building telemetry pipelines and detections on top of raw DLP event data beyond out-of-the-box vendor alerting
- Proven track record writing high-fidelity detection logic for data exfiltration and insider threat scenarios, not just tuning vendor signatures
- Experience leading complex incident response investigations involving insider threats, compromised credentials being used to stage and exfiltrate data, or sophisticated external actors
- Strong forensic fundamentals across endpoint artifacts, network captures, and cloud audit logs relevant to data movement investigations
- Experience with cloud-native data security controls across major IaaS and SaaS platforms, and hybrid architectures that span on-premises and cloud data stores
- Prior work in insider threat programs, adversary simulation, or offensive security research — especially focused on data exfiltration tradecraft
- Public contributions: conference talks, blog posts, or open-source tooling related to data protection or insider threat detection
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field (or equivalent experience)
- 7+ years of experience in network security engineering, with a meaningful portion in cloud environments
- Hands-on production experience securing at least one of AWS, Azure, or GCP — VPCs/VNets, IAM, security groups/NSGs, cloud firewalls, encryption
- Working proficiency with at least one scripting language (Python, Bash, PowerShell) and willingness to use it daily
- Experience with network security tooling: firewalls, VPNs, IDS/IPS, DLP, encryption
- Strong written and verbal communication skills