Apply on Employer Site

Inmar Intelligence · 1 day ago

Engineer, Data Loss Prevention

Headquarters, Winston Salem, NC

Full-time

Onsite

Mid Level

3+ years exp

Inmar Intelligence is a company focused on data protection and security. They are seeking a Data Loss Prevention (DLP) Engineer to implement and operate their data loss prevention program, ensuring the protection of sensitive data from unauthorized disclosure and misuse through the deployment of DLP technologies.

Computer Software

No H1B

Responsibilities

Design, implement, and maintain DLP policies across endpoint, network, email, and cloud platforms to prevent unauthorized data disclosure

Develop and maintain complex detection patterns using regular expressions (regex), keyword matching, file fingerprinting, and metadata-based rules for identifying sensitive data (PII, PHI, PCI, intellectual property, etc.)

Configure and tune DLP rules to detect sensitive data across structured and unstructured formats including documents, databases, emails, web traffic, and cloud storage

Continuously optimize detection accuracy by reducing false positives while maintaining effective coverage of true data exposure risks

Monitor, analyze, and investigate DLP alerts and events to determine if they represent genuine data exposure risks or false positives

Conduct detailed analysis of flagged events including reviewing content snippets, user behavior patterns, file metadata, and transmission channels

Correlate DLP events with other security data sources (SIEM, endpoint detection, user behavior analytics) to identify potential insider threats or data exfiltration attempts

Document investigation findings and provide clear recommendations on incident severity, required remediation actions, and policy adjustments

Escalate confirmed data exposure incidents to incident response team and support forensic investigations as needed

Engage with engineering teams to maintain and optimize DLP infrastructure including agents, network sensors, cloud connectors, and management consoles

Develop and maintain automated workflows for alert triage, policy updates, and reporting

Create and maintain comprehensive documentation of DLP policies, detection patterns, investigation procedures, and operational runbooks

Test new DLP rules and policies in non-production environments before deployment to minimize business disruption

Integrate DLP systems with other security tools including SIEM, SOAR, ticketing systems, and data classification platforms

Contribute to the strategic development and maturation of the organizations DLP program aligned with data protection objectives and regulatory requirements

Research and evaluate new DLP technologies, detection techniques, and data classification methodologies to enhance program effectiveness

Identify gaps in data visibility and coverage, recommending expansion of DLP controls to new data repositories, communication channels, or cloud services

Develop metrics and KPIs to measure DLP program effectiveness including policy coverage, detection accuracy, incident response times, and false positive rates

Provide regular reporting on DLP trends, top data exposure risks, user behavior patterns, and policy effectiveness to SOC management and stakeholders

Collaborate with legal, compliance, privacy, HR, and business units to understand data handling requirements and ensure DLP policies support business operations

Provide guidance to business teams on secure data handling practices and acceptable use of sensitive information

Support privacy and compliance teams with DLP controls for regulatory requirements (GDPR, CCPA, HIPAA, PCI-DSS, etc.)

Participate in data classification initiatives to ensure consistent labeling and handling of sensitive information

Support incident response activities related to data exposure or insider threat investigations

Participate in security awareness initiatives by providing real-world examples of data exposure risks and best practices

Maintain knowledge of data protection regulations, industry best practices, and emerging data exfiltration techniques

Support audit and compliance activities by providing DLP policy documentation, configuration details, and evidence of monitoring

Contribute to change management processes for DLP policy updates and system modifications

Operate within SOC workflows, SLAs, and escalation paths for data exposure incidents

Qualification

Data Loss PreventionRegular Expressions (regex)Cybersecurity ExperienceSIEM PlatformsData Classification FrameworksScripting/AutomationData Privacy RegulationsAnalytical SkillsCommunication SkillsTeamworkAdaptabilityIntegrity

Required

Bachelor degree in Computer Science, Information Security, Information Technology, or related field

3-5 years of experience in cybersecurity with at least 2 years focused on data loss prevention, data security, or security operations

Strong proficiency in regular expressions (regex) for pattern matching and data identification

Experience with enterprise DLP solutions

Understanding of data classification frameworks and sensitive data types (PII, PHI, PCI, trade secrets, intellectual property)

Knowledge of data transmission protocols and common data exfiltration channels (email, web uploads, removable media, cloud storage, messaging platforms)

Strong analytical skills with ability to investigate security events and distinguish true positives from false positives

Experience with SIEM platforms and security event correlation

Basic Proficiency with scripting or automation (Python, PowerShell, or similar) for data analysis and workflow automation

Excellent written and verbal communication skills with ability to explain technical findings to non-technical stakeholders

Understanding of data privacy regulations such as GDPR, CCPA, HIPAA, and PCI-DSS

Preferred

Certifications such as CISSP, Security+, CEH, GCFA, or vendor-specific DLP certifications

Experience with cloud DLP solutions for Microsoft 365, Google Workspace, AWS, or Azure environments

Knowledge of insider threat detection methodologies and user behavior analytics (UBA/UEBA)

Experience with data classification tools and automated content inspection technologies

Understanding of endpoint security controls and endpoint DLP deployment models

Familiarity with SOAR platforms and automated response workflows

Experience with forensic analysis of data exposure incidents

Knowledge of cryptography and encryption technologies for data protection

Benefits

Medical, Dental, and Vision insurance

Basic and Supplemental Life Insurance options

401(k) retirement plans with company match

Health Spending Accounts (HSA/FSA)

Flexible time off and 11 paid holidays

Family-building benefits, including Maternity, Adoption, and Parental Leave

Tuition Reimbursement and certification support, reflecting our commitment to lifelong learning

Wellness and Mental Health counseling services

Concierge and work/life support resources

Adoption Assistance Reimbursement

Perks and discount programs

Company

Inmar Intelligence

Glassdoor3.7

Welcome to Inmar Intelligence, recently certified a Great Place to Work®! Through curiosity and the intelligent use of data and technology, we make businesses smarter to improve consumers’ lives.

Founded in 1980

Winston-Salem, NC, US

1001-5000 employees