Information Security Engineer - Data Protection & Insider Risk

OVERVIEW:

We are seeking an experienced, dynamic Information Security Engineer with expertise in data leakage prevention (DLP), insider risk management, and identity and access governance (IAG). This role is responsible for protecting sensitive data across endpoints, cloud services, and SaaS platforms by designing, implementing, and operating security controls that identify, classify, monitor, and govern access to enterprise data.

This position also plays a hands-on role in securing Microsoft Copilot for M365 and other emerging AI-enabled tools, focusing on technical controls, data protection enforcement, and security logging. The ideal candidate has experience managing data classification and labeling programs, insider risk detection, identity governance platforms, and modern security tooling, and is comfortable working across IT, security, and compliance functions to enable the business securely.

RESPONSIBILITIES:

Data Protection & Leakage Prevention

Designs, implements, and operates Data Loss/Leakage Prevention (DLP) controls across endpoints, email, cloud services, and SaaS platforms;

Leads and maintains data identification, classification, and labeling strategies for structured and unstructured data;

Monitors, investigates, and responds to data exfiltration and misuse events, including both accidental and malicious activity;

Tunes detection policies to reduce false positives while maintaining effective risk coverage.

Insider Risk Management

Operates and enhances insider risk detection and response programs, including behavioral analytics and user activity monitoring;

Partners with IT/IS management on insider risk investigations, ensuring appropriate governance and privacy controls;

Develops workflows for escalation, evidence handling, and remediation of insider risk incidents.

Identity & Access Governance

Manages and optimizes identity and access governance (IAG) platforms, including access reviews, entitlement management, and lifecycle automation;

Supports least-privilege access models, role-based access control (RBAC), and segregation of duties (SoD) initiatives;

Integrates identity signals with data protection and insider risk tooling to enable contextual, risk-based controls.

Security Tooling & Operations

Serves as a subject matter expert for security platforms related to DLP, insider risk, data classification, and identity governance;

Evaluates, onboards, and operationalizes new security tools and features;

Creates and maintains runbooks, procedures, dashboards, and metrics to demonstrate program effectiveness.

Governance, Risk, and Collaboration

Supports regulatory and compliance requirements related to data protection and access control (e.g., SOX, HIPAA, GDPR, CCPA, etc., as applicable);

Provides guidance to IT and business teams on secure data handling and access practices;

Contributes to security awareness efforts related to data handling, insider risk, and acceptable use.

AI & Generative AI Security (Technical Controls & Monitoring)

Implements and operates security controls for Microsoft Copilot for M365 using Purview, Defender, and Entra ID to enforce access boundaries and reduce data exposure;

Configures DLP, sensitivity labels, permissions, logging, and alerting to ensure AI-assisted access aligns with data classification and authorization models;

Investigates and responds to data exposure or misuse involving Copilot or other AI-enabled workflows, and support secure onboarding of additional AI/LLM tools; and

Performs additional duties as assigned.

QUALIFICATIONS:

REQUIRED CANDIDATE QUALIFICATIONS:

5+ years of experience in information security, with direct focus on data protection, insider risk, or identity governance;

Hands-on experience with one or more DLP and data classification platforms (e.g., Microsoft Purview, Symantec, Forcepoint, Netskope, etc.);

Experience managing identity and access governance solutions (e.g., Microsoft Entra ID Governance, SailPoint, Saviynt, Okta IGA);

Strong understanding of data classification schemes, sensitive data types, and data handling controls;

Experience investigating security alerts and incidents involving user behavior and data misuse;

Familiarity with endpoint, cloud, and SaaS security architectures;

Strong documentation, communication, and cross-functional collaboration skills; and

Ability to work additional hours as needed.

PREFERRED / NICE-TO-HAVE QUALIFICATIONS:

Experience with Microsoft security ecosystem (Purview, Defender for Endpoint, Defender for Cloud Apps, Entra ID, Sentinel);

Experience with User and Entity Behavior Analytics (UEBA) or insider risk platforms;

Knowledge of privacy-by-design principles and employee monitoring considerations;

Scripting or automation experience (PowerShell, Python, KQL, etc.);

Security certifications such as CISSP, CISM, CCSP, GIAC, or vendor-specific certifications;

Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related technical field.

This position is located in our New York office, and currently has a hybrid work schedule, but that is subject to change. The estimated salary range for this position is $160,000 to $180,000. The actual salary offered will be based on a wide range of factors, including relevant skills, training, experience, education, and where applicable, licensure or certification obtained. Market and Firm factors are also considered. In addition to base salary and discretionary bonus(es), we offer a generous employee benefits package including, but not limited to, paid time off, medical, dental, vision care, 401(k) and substantial health club discounts.