Apply on Employer Site

CoStar Group · 1 day ago

Lead Data Loss Prevention (DLP) Security Engineer

Arlington, VA

Full-time

Hybrid

Lead/Staff

8+ years exp

CoStar Group is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. They are seeking a Lead Data Loss Prevention (DLP) Security Engineer to design, scale, and operationalize Microsoft Purview-based protections across endpoints and Microsoft 365 workloads, while partnering with various teams to enhance data security and compliance.

AnalyticsCommercial Real EstateReal Estate

No H1B

Responsibilities

Own the enterprise DLP architecture and roadmap using Microsoft Purview across Exchange Online, SharePoint Online, OneDrive, Teams, Power BI, and Endpoint DLP on managed devices

Design and implement data classification and labeling at scale (sensitivity labels, automatic/manual labeling, protection actions) aligned to the organization’s data taxonomy

Build, test, and tune DLP policies for high‑risk exfiltration vectors (email, cloud storage, chat, web uploads, endpoints: removable media, print, clipboard, Bluetooth, RDP, browser downloads)

Stand up and mature advanced classifiers and detections (Sensitive Information Types, Exact Data Match schemas, trainable classifiers) with continuous improvement cycles

Integrate DLP with incident management and SOC workflows (alert triage, case management, evidence capture, automation) and with SIEM (e.g., Microsoft Sentinel) using KQL analytics

Partner with Identity, Endpoint, and Collaboration teams to enforce device/user trust prerequisites, and with Compliance/Legal on retention, eDiscovery, and privacy-by-design

Create enablement content: policy tips, just‑in‑time guidance, and training for end users and privileged administrators to reduce friction and false positives

Establish exception and change management processes, including time‑bound exceptions with compensating controls and periodic recertification

Publish dashboards and KPIs to leadership (coverage, alert volumes, true‑positive rates, MTTR, prevented exfiltration, policy drift)

Mentor junior engineers and act as the primary subject‑matter expert for Microsoft Purview DLP

Qualification

Microsoft PurviewData Loss Prevention (DLP)Kusto Query Language (KQL)PowerShellIncident ManagementData GovernanceStakeholder ManagementChange ManagementDocumentationMentoringCollaboration

Required

Bachelor's Degree required from an accredited, not for profit university or college

A track record of commitment to prior employers

8+ years in information security with 3–5+ years focused on enterprise DLP

Hands‑on expertise deploying and operating Microsoft Purview Information Protection & DLP at 5k+ user scale, including Endpoint DLP and M365 workloads

Practical experience with sensitivity labels, automatic and manual labeling, Sensitive Information Types, Exact Data Match (EDM), and trainable classifiers

Proficiency with Kusto Query Language (KQL), PowerShell, and API/automation for policy management and reporting

Experience integrating DLP with SIEM/SOAR, SOC runbooks, and incident/alert handling processes

Strong stakeholder skills: partnering with Legal/Privacy, HR, Compliance, and business units; clear documentation and change management

Working knowledge of data governance and regulatory drivers (e.g., SOX ITGC, PCI, HIPAA, GDPR/CCPA) as they relate to DLP and monitoring

Preferred

Track record accelerating a Microsoft Purview rollout from pilot to enterprise adoption, with measurable risk reduction

Experience with Defender for Cloud Apps integration, Defender XDR signal correlation, and Endpoint platform integrations (Intune, Windows, Mac)

Knowledge of Microsoft Information Protection (MIP) SDK, Power Automate, or Graph APIs to extend labeling and DLP workflows

Certifications: SC‑400 (Microsoft Information Protection Administrator), SC‑200 (Security Operations Analyst), SC‑100 (Cybersecurity Architect), or IAPP (CIPM/CIPP)

Benefits

Comprehensive healthcare coverage: Medical / Vision / Dental / Prescription Drug

Life, legal, and supplementary insurance

Virtual and in person mental health counseling services for individuals and family

Commuter and parking benefits

401(K) retirement plan with matching contributions

Employee stock purchase plan

Paid time off

Tuition reimbursement

On-site fitness center and/or reimbursed fitness center membership costs (location dependent), with yoga studio, Pelotons, personal training, group exercise classes

Access to CoStar Group’s Diversity, Equity, & Inclusion Employee Resource Groups

Complimentary gourmet coffee, tea, hot chocolate, fresh fruit, and other healthy snacks