Sr IT Security Engineer Data Governance, Protection & DLP Focus

Sr IT Security Engineer – Data Governance, Protection & DLP Focus
Chicago, IL – hybrid work from home: 3 days onsite in the loop; 2 days WFH

Summary
The Sr IT Security Engineer's primary focus is using Microsoft Purview to design, implement and maintain enterprise data governance standards, data protection policies, while partnering with GRC.

This is a techno-functional role, where you'll also be collaborating with cross-functional teams — including AI (which is a major initiative for us right now), Data, Applications and key business stakeholders.

This role will also participate in incident response activities involving data loss prevention, and other areas of compliance.

What you'll be doing

• Design, configure, and maintain Microsoft Purview solutions for data classification, labeling, retention, and compliance in alignment with enterprise policies and regulatory requirements.
• Implement and manage data security controls, including Information Protection policies, Data Loss Prevention (DLP), Insider Risk Management, and eDiscovery workflows.
• Implement policies to protect sensitive Client and enterprise data through classification, labeling, encryption, access governance, and monitoring across Microsoft 365, Azure, and integrated environments.
• Work with Records Management, Data Governance IT Risk and other teams to develop, enforce, and maintain compliance policies, ensuring consistent application of regulatory, contractual, and enterprise-specific data protection requirements.
• Build and optimize automated data governance workflows, enabling lifecycle management, secure data sharing, and defensible disposition of records in accordance with enterprise strategy.
• Integrate Purview insights and alerts into Security Operations, incident response, and GRC processes to strengthen visibility, detection, and remediation of data-related risks.
• Collaborate with Records Management, Data Governance, IT, Security, Legal, and Compliance teams to design policies and processes that balance regulatory obligations, client requirements, and business operations.
• Monitor and respond to Purview compliance alerts, investigating potential risks such as data leakage, insider threats, or policy violations, and recommending remediation.
• Participate in risk assessments, audits, and compliance efforts related to data governance and regulatory frameworks (e.g., ISO 27001, GDPR, CCPA, HIPAA).
• Stay current with emerging data governance technologies, compliance regulations, and best practices, ensuring the enterprise continues to mature its use of Microsoft Purview capabilities.

Skills we're seeking

• 5+ years experience with IT Security Engineering
• Must have strong experience with Microsoft Purview
• Must have strong experience with Data Governance and Data Protection
• Must have DLP experience

Nice to haves

• Bachelor's Degree, ideally in an IT Security or Computer Science related field
• M365 Security Experience
• Azure Cloud Security experience
• Experience with Insider Risk Management, using tools such as Varonis, Digital Client, or Cyberhaven
• Experience with Incident Response
• SIEM experience
• PowerShell scripting experience
• GRC experience
• Security Certifications or Azure Certifications