Cybersecurity- Vulnerability Management and Data Loss Prevention (DLP) Lead

Title: Vulnerability Management and Data Loss Prevention (DLP) Lead

Location: Houston, Texas Downtown, must relocate, No Exceptions. (4 days in-office, 1 day remote)

Duration: Contract

JD: (DLP) Technical Lead

Key Responsibilities

1. Lead implementation and enhancement of Microsoft Purview Data Classification and DLP policies across Exchange, SharePoint, OneDrive, Teams, and endpoint environments
2. Design, implement, and optimize DLP policies and rules (conditions, thresholds, exceptions) to improve detection accuracy and reduce false positives
3. Drive automation of DLP alert investigations, including detection validation, triage workflows, and root cause analysis
4. Develop and enhance sensitivity labeling frameworks, including taxonomy, enforcement strategies, and enterprise-wide adoption
5. Analyze data classification trends and misclassifications, and coordinate user awareness and policy communication initiatives
6. Build and maintain operational reporting frameworks, including dashboards and cadence-based reporting (monthly/quarterly) for risk, incidents, and performance metrics
7. Lead AI security governance initiatives across Microsoft Copilot, Power Platform, and third-party AI integrations (including Onyx), focusing on posture assessments, guardrails, and risk mitigation
8. Establish and maintain standard operating procedures (SOPs), runbooks, and QA processes for DLP investigations and incident management
9. Ensure audit readiness and compliance, including documentation, evidence retention, and traceability for security events
10. Collaborate with security, compliance, IT, and business stakeholders to prioritize remediation activities and manage security backlogs
11. Mentor and guide security analysts, manage workload distribution, and ensure adherence to service-level agreements (SLAs)
12. Lead integration of data protection capabilities across enterprise security platforms, including SaaS Security Posture Management (SSPM/SPM) tools, ensuring visibility, governance, and policy enforcement across cloud applications
13. Oversee database security and monitoring initiatives using IBM Guardium, including protection of Oracle, SQL Server, and DB2 environments, ensuring compliance and sensitive data protection
14. Drive continuous improvement of enterprise data protection capabilities through automation, tool integration, and alignment with broader cybersecurity architecture

Qualifications

• 12+ years of experience in cybersecurity, data protection, or DLP operations, with strong focus on enterprise security platforms
• Hands-on experience with Microsoft Purview (DLP, Information Protection, Sensitivity Labels) and M365 security ecosystem
• Strong working knowledge of database security solutions such as IBM Guardium, including monitoring and protection of Oracle, SQL Server, and DB2 environments
• Experience with SaaS Security Posture Management (SSPM/SPM) tools and cloud security governance across enterprise SaaS platforms
• Exposure to AI security tools and governance frameworks (e.g., Onyx, Copilot security controls) for managing emerging AI risks
• Strong understanding of data security, compliance frameworks (NIST, ISO, etc.), and risk management practices
• Experience with automation, reporting, and security analytics tools to drive operational efficiency
• Strong stakeholder management, leadership, and communication skills, with experience working across cross-functional teams