At AFL, We Connect™.
Data Security Engineer
Location
South Carolina
Posted
6 days ago
Salary
0
Seniority
Senior
Job Description
Data Security Engineer
AFL
• Administer and optimize the DSPM platform (Cyera); drive data discovery, classification, and risk prioritization across cloud and on-premises environments. • Administer and operate the DLP platform (Proofpoint); create, tune, and maintain policies to prevent unauthorized data movement. • Investigate and respond to DLP incidents; work with information owners and business stakeholders to resolve and remediate. • Collaborate with Security Analysts to correlate data security findings with broader security investigations and incidents. • Design and implement a data classification schema and labeling program. • Define and maintain data security policies and procedures. • Build metrics and reporting to communicate program health and risk reduction to leadership. • Partner with legal, compliance, and IT teams to align data security controls with business requirements. • Support audits and regulatory requirements related to data protection. • Contribute to disaster recovery planning and exercises with technology teams.
Job Requirements
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Systems, or related field or equivalent experience
- 4+ years in an information security role with a focus on data security, data protection, or DLP.
- Hands-on experience with a DSPM platform (Cyera, Sentra, Varonis, BigID, or similar).
- Hands-on experience with an enterprise DLP platform (Proofpoint, Symantec, Forcepoint, Microsoft Purview, or similar).
- Experience designing or implementing a data classification framework.
- Strong written and verbal communication skills.
- Ability to translate technical risk into clear business language.
- Preferred Experience with Microsoft Purview Information Protection and sensitivity labeling.
- Familiarity with regulatory frameworks such as GDPR, CCPA, HIPAA, or PCI-DSS.
- Experience standing up or maturing a data security program from early stages.
- Basic scripting ability (Python, PowerShell, or similar) for data analysis and automation.
Benefits
- Flexible time off policy
- 401K Company match (up to 4% - dollar for dollar)
- Professional development, training, and tuition reimbursement programs
- Excellent medical, dental, vision, and life insurance policy options
- Opportunities for career advancement with an industry leading company!
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Information Security Incident Specialist, Fluent Ukrainian
SupportYourAppSupport-as-a-Service that helps companies scale faster by taking care of their customers’ needs.
• Manage security and operational incidents end-to-end, including investigation, coordination, and response; • Communicate directly with Clients and stakeholders during Data Breach incidents; • Conduct Root Cause Analysis, develop preventive measures, and prepare management reports; • Analyze Clients’ workflows and incident trends to identify risks and improve security processes; • Assess the security of software, platforms, and third-party vendors; • Review new hiring locations for compliance with data protection and security standards; • Develop incident response procedures and maintain internal security documentation and knowledge base.
• Assess security configurations across Windows Server, Linux, networking, Azure and Microsoft 365 against recognised best practice standards • Develop and implement remediation plans to address identified security weaknesses across the infrastructure estate • Resolve permission and ACL issues, including file and folder access concerns, without impacting service availability • Improve Azure and Microsoft 365 security posture, including remediation of findings raised by Microsoft security tooling and maintaining Microsoft Secure Score • Strengthen identity, ransomware resilience and end-user security controls across the wider technology estate • Review and uplift data protection measures, including DLP configurations and broader data loss prevention controls • Create and maintain process documentation as controls, processes and operating practices mature
• Architect and implement defensive security controls for cloud, production, and corporate environments • Support the deployment, configuration, and maintenance of network security tools • Build systems to support automation, visibility, and threat detection for efforts across various information security and infrastructure teams • Independently drive network security initiatives and foster a security-first mindset across the organization • Work closely with Network, Infrastructure, and other partner teams to review designs and use-cases, ensuring our networks are secure by design
• Implementar y gestionar configuraciones de seguridad en entornos cloud (Azure/AWS), asegurando el cumplimiento de estándares y protección de la infraestructura. • Desarrollar y automatizar infraestructura como código (IaC) con enfoque en seguridad utilizando herramientas como Terraform. • Integrar herramientas de seguridad (SAST, DAST, SCA) dentro de pipelines CI/CD (Jenkins u otros), asegurando controles de seguridad en todo el ciclo de desarrollo. • Configurar y administrar controles de seguridad en contenedores y orquestadores (Docker, Kubernetes/AKS). • Gestionar identidades y accesos (IAM / Managed Identities) y aplicar principios de Zero Trust y microsegmentación. • Implementar y administrar redes seguras (WAF, API Management, Firewalls) para proteger aplicaciones y servicios. • Asegurar el cumplimiento de frameworks de seguridad (NIST, ISO 27001, SAMM), identificando y mitigando vulnerabilidades. • Automatizar procesos y scripting para fortalecer la seguridad en entornos cloud y multi-plataforma. • Documentar arquitecturas, flujos y controles de seguridad de las soluciones implementadas.
