IT Security Engineer

Lancesoft

Foster City, CA

Apply

JOB DETAILS

SALARY

$90

SKILLS

Analysis Skills, Applications Security, Architectural Design, Artificial Intelligence (AI), Brokerage, Cadence, Cloud Applications, Cloud Architecture, Cloud Computing, Computer Science, Computer Security, Configuration Management, Device Drivers, Documentation, Endpoint Security, HIPAA (Health Insurance Portability and Accountability Act), Identify Issues, Identity Data Management, Information Technology & Information Systems, Information/Data Security (InfoSec), Intellectual Property (IP), Internet Security, Knowledge Transfer, Loss Prevention, Microsoft Product Family, Microsoft Windows Azure, Network Security, Operations Processes, PCI, PCI-DSS, People Management, Policy Development, Procedure Development, Python Programming/Scripting Language, Regulations, Regulatory Compliance, Risk, SSL-TLS (Secure Socket Layer - Transport Layer Security), Sales Management, Scripting (Scripting Languages), Security Architecture, Security Assertion Markup Language (SAML), Security Information and Event Management (SIEM), Security Infrastructure, Software Engineering, Splunk, Technical Leadership, Test Data, Test Design, Test Plan/Schedule, VPN (Virtual Private Network), Website Traffic, Windows PowerShell

LOCATION

Foster City, CA

POSTED

Today

Job Title:(IT Security Engineer)
Data Protection Security Engineer –Netskope LeadJob Duration: 06+ months contract with possible extension.LocationFoster City, CA 94404Pay Range$90.00 –105.00/hour on W2Work TypeHybrid
Job description:

Data Protection Security Engineer –Netskope Lead
Onsite in Foster City, CA | at least 3 days in office

Client is seeking an experienced and skilled Security Engineer to serve as the technical lead for the enterprise implementation, configuration, and ongoing management of Netskope Next-Generation Secure Web Gateway (NG SWG) and Network Private Access (NPA). This individual will own the end-to-end deployment lifecycle of these platforms and will be the primary driver for developing, implementing, and testing Data Loss Prevention (DLP) policies across the organization. The ideal candidate brings deep hands-on expertise with Netskope, a strong understanding of zero-trust network access principles, and a proven track record of building effective DLP programs in complex enterprise environments.

Key Responsibilities:
In this role, you will be responsible for the end-to-end administration and health of the Netskope tenant, ensuring that all deployed products are correctly configured, consistently enforced, and aligned with client's security policies and risk posture. You will manage the NG SWG to inspect, control, and secure web traffic across the enterprise, leveraging Skope AI's threat intelligence and behavioral analytics to detect and respond to anomalous activity in real time. You will be expected to build and maintain SSL inspection policies, URL filtering categories, threat protection profiles, and Cloud app controls with a clear understanding of how these layers interact.

Netskope NG SWG Implementation & Management
Lead the full lifecycle deployment of Netskope NG SWG, including architecture design, tenant configuration, traffic steering, and integration with existing security infrastructure
Configure and maintain SSL/TLS inspection, URL filtering, cloud application controls, and threat protection policies
Integrate Netskope with identity providers (e.G., Okta, Azure AD) for user-based policy enforcement
Manage Netskope client deployment across endpoints in coordination with endpoint and IT teams
Establish and maintain logging, alerting, and reporting pipelines from the Netskope platform into SIEM tools
Netskope NPA Implementation & Management
Lead the design and deployment of Netskope NPA to replace or supplement traditional VPN infrastructure, enabling zero-trust application access
Define publisher placement, application segmentation, and access policies aligned to least-privilege principles
Collaborate with application owners and IT teams to onboard private applications to the NPA framework
Continuously evaluate and refine NPA policies based on access patterns and security posture requirements
DLP Policy Development & Testing
Develop a comprehensive DLP strategy covering web, cloud, and private application traffic traversing the Netskope platform
Create, tune, and maintain DLP profiles and policies for sensitive data categories including PII, PHI, PCI, intellectual property, and other regulated or confidential data types
Conduct structured DLP policy testing using representative data samples to validate detection accuracy and minimize false positives
Establish a formal policy review and tuning cadence in partnership with Legal, Compliance, and Data Governance teams
Investigate and respond to DLP policy alerts, escalating incidents per established procedures
Stakeholder Collaboration & Documentation
Serve as the subject matter expert for Netskope NG SWG, NPA, and DLP across security, IT, and business teams
Produce and maintain architecture diagrams, runbooks, policy documentation, and operational procedures
Provide guidance and knowledge transfer to junior engineers and security operations staff
Engage with Netskope TAM and support resources to stay current on platform capabilities and roadmap

Required Qualifications:

8+ years of experience in network security, cloud security, or information security engineering.
2+ years of hands-on experience deploying and managing Netskope NG SWG and/or NPA in an enterprise environment.
Demonstrated experience developing and managing DLP policies, including policy design, testing, and tuning.
Strong understanding of zero-trust network access (ZTNA) concepts and architectures.
Proficiency with SSL/TLS inspection, proxy architectures, and cloud access security broker (CASB) functionality.
Working knowledge of identity and access management platforms (Okta, Azure AD, SAML, SCIM).
Familiarity with regulatory frameworks relevant to DLP (HIPAA, PCI-DSS, GDPR, CCPA, etc.)
Strong analytical and troubleshooting skills with the ability to work through complex network and policy issues.

Preferred Qualifications:

Netskope One Professional or equivalent Netskope certification
Experience integrating Netskope with SIEM/SOAR platforms (Splunk, Microsoft Sentinel, etc.)
Background in endpoint security, SASE architecture, or broader SSE framework implementation
Experience with scripting or automation (Python, PowerShell) for policy management or log analysis
Familiarity with additional DLP tools or platforms beyond Netskope

Education:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field —or equivalent hands-on experience in lieu of a degree

About the Company

Lancesoft

We are a $125 Million, NMSDC-certified Minority & Woman owned Workforce Solutions Company headquartered in the DC metro area with presence across US with global presence - Canada, Mexico, India, UK, Malaysia, Indonasia, Hongkong, Singapore, UAE. We are specialized in providing Workforce Solutions, SOW project delivery, Engineering Solutions, Creative Services. We currently support 100+ Fortune companies globally and across multiple industry segments. We are currently supporting several massive programs across industry segment nationally/globally (Intel, Ally, AMD, QUALCOMM, Morgan Stanley, Kraft/ Mondelez, MNP, Amdocs, Dell, SanDisk, Medtronic, Becton Dickinson, GE, Lockheed Martin, UTC, L-3 Communications, Caterpillar, BMW, Mercedes Benz, National Grid, Dominion, Energy Future Holdings, PSEG, 3M, Fidelity, Aetna, Humana, Johnson & Johnson, Pfizer, Merck etc).

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, identity, national origin, disability, or protected veteran status.

COMPANY SIZE

2,000 to 2,499 employees

INDUSTRY

Staffing/Employment Agencies

FOUNDED

2000

WEBSITE

http://www.lancesoft.com/

Resume Resources

Free Resume Templates Free Resume Builder