Data Protection & Investigations Engineer

 Overview:

We are seeking a highly skilled and deeply technical Data Protection & Investigations Engineer to join our Cybersecurity team. This critical role is responsible for safeguarding our most sensitive data assets by operating and maturing our Data Loss Prevention (DLP) program and leading complex security investigations involving data misuse, intellectual property theft, compromise, and policy violations. The ideal candidate will possess expert-level proficiency in security tooling and a proven ability to conduct detailed technical forensic analysis while maintaining professional collaboration with Legal counsel and executive leadership, including the CISO.

Key Responsibilities:

• Monitor and triage security alerts.
• Serve as the subject matter expert for the enterprise DLP platform, driving its policy creation, detections, testing, tuning, and investigations process.
• Collaborate with business units and data owners to define and implement robust data protection policies and rules that balance security with operational efficiency.
• Monitor, triage, and respond to high-priority DLP alerts, escalating findings appropriately while minimizing false positives.
• Evaluate and integrate new data protection technologies to enhance overall data security posture.
• Lead and conduct highly sensitive, deep-dive technical investigations into complex security events and potential data exfiltration scenarios.
• Utilize Endpoint Detection and Response (EDR) platforms, network telemetry, log analysis, and digital forensics methodologies to construct factual timelines and evidence packages.
• Analyze user behavior, data flows, and endpoint activity to identify patterns of risk and policy violations related to critical data assets.
• Develop, refine, and execute investigation playbooks and procedures to ensure consistency and defensibility of evidence.
• Drive the Data Protection and associated security functions and processes
• Act as the primary technical liaison for investigations, collaborating closely with Legal, Human Resources, and the CISO to ensure all activities adhere to legal and privacy requirements.
• Prepare detailed, clear, and legally defensible investigation reports and evidence summaries suitable for executive review and legal proceedings.
• Provide professional briefings and analysis directly to the CISO on high-risk matters, data trends, and the overall health of the Data Protection program.
• Translate complex technical security issues into understandable business risks for non-technical audiences.
• Manage and adhere to the KPIs and executive reporting for the security function.