Data Security Engineer

CGI•Dc, DC

1d•Hybrid

About The Position

CGI has an immediate need for a Data Security Engineer to Lead a data classification initiative for a Credit Union using M.S. Purview We partner with 15 of the top 20 banks globally, and our top 10 banking clients have worked with us for an average of 26 years!. This role is located at a client site in DC. A hybrid working model is acceptable. Your future duties and responsibilities: . We are seeking an experienced Senior Data Security Engineer with deep expertise in Sensitivity Classification Frameworks and implementing Data Loss Prevention (DLP) solutions using Microsoft Purview . The ideal candidate will lead data protection initiatives, design and implement classification policies, and manage DLP solutions to safeguard sensitive enterprise data across cloud and on-prem environments . Lead the design, deployment, and management of Sensitivity Classification frameworks aligned with organizational compliance and security policies . Architect and implement Data Loss Prevention (DLP) solutions leveraging Microsoft Purview across Microsoft 365 and other enterprise data repositories . Develop and enforce data classification policies, labeling strategies, and protection mechanisms to mitigate data leakage risks . Collaborate with security, compliance, and business teams to identify sensitive data and tailor DLP controls accordingly . Conduct risk assessments and provide recommendations to enhance data governance and data security posture . Monitor DLP alerts, investigate incidents, and coordinate remediation activities . Provide senior-level guidance and mentoring to junior security engineers and stakeholders . Stay updated with the latest trends and best practices in data security, DLP technologies, and compliance regulations

Requirements

Minimum 7 years of experience in data security, information protection, or related roles with a focus on data classification and DLP
Hands-on experience with Microsoft Purview Data Loss Prevention (DLP) solutions and sensitivity labeling across Microsoft 365 and Azure environments
Strong understanding of Sensitivity Classification Frameworks, including designing and implementing classification labels, policies, and rules
Expertise in configuring, tuning, and managing DLP policies to detect and prevent sensitive data exposure
Familiarity with compliance standards such as GDPR, HIPAA, PCI-DSS, and how they relate to data classification and protection
Experience with Microsoft Information Protection (MIP) suite, including Azure Information Protection (AIP)
Ability to analyze data flow and classify sensitive data across multiple sources (SharePoint, Exchange, OneDrive, Teams, endpoints)
Excellent communication skills with the ability to translate technical concepts to business stakeholders
Proven leadership experience in guiding teams and managing data security projects end-to-end
Bachelor's degree in Computer Science, Information Systems, or a related field

Responsibilities

Lead the design, deployment, and management of Sensitivity Classification frameworks aligned with organizational compliance and security policies
Architect and implement Data Loss Prevention (DLP) solutions leveraging Microsoft Purview across Microsoft 365 and other enterprise data repositories
Develop and enforce data classification policies, labeling strategies, and protection mechanisms to mitigate data leakage risks
Collaborate with security, compliance, and business teams to identify sensitive data and tailor DLP controls accordingly
Conduct risk assessments and provide recommendations to enhance data governance and data security posture
Monitor DLP alerts, investigate incidents, and coordinate remediation activities
Provide senior-level guidance and mentoring to junior security engineers and stakeholders
Stay updated with the latest trends and best practices in data security, DLP technologies, and compliance regulations