Data Protection Engineer

POSITION SUMMARY: The Data Protection Engineer is responsible for designing, implementing, and operating technical controls that safeguard sensitive data across the enterprise. The incumbent focuses on data discovery, classification, and governance, ensuring that sensitive information is accurately identified, labeled, protected, and handled in accordance with regulatory, legal, and business requirements. The Data Protection Engineer partners closely with Information Technology, Security Operations, Privacy, Compliance, and data owners to enforce risk-based controls, reduce data exposure, and enable secure use of data across on-premises, cloud, and SaaS environments. Through automation, policy tuning, and continuous monitoring, the incumbent helps maintain visibility into data flows, prevents data loss, sensitive data overexposures, and supports a scalable, auditable data governance program., + Lead the execution of enterprise-wide data discovery & classification for both unstructured data (files, email, collaboration platforms, endpoints, SaaS) and structured data (databases, data warehouses, analytics and AI platforms).

• Lead data protection controls for Generative AI platforms (e.g., Microsoft Copilot, enterprise chat, custom LLM solutions) to prevent unintended data disclosure and misuse.

• Implement safeguards to ensure only appropriately classified and authorized data is available for AI prompts, responses, training, or retrieval-augmented generation (RAG).

• Identify and mitigate data overexposure risks, including: excessive permissions and oversharing in collaboration platforms, public or broadly accessible cloud storage, file servers and databases, sensitive data leakage through prompts or outputs, autonomous or agentic workflows acting beyond approved scope, and shadow AI and unsanctioned model usage

• Support data lifecycle governance, including retention, archival, legal hold, and secure disposal for both human and AI-accessible data.

• Drafts configuration manuals, operating procedures, reports, and system hardening guidelines.

• Provides guidance in the application and reporting of data protection technology performance metrics.

• Establish and maintain continuous data mapping and inventory to understand where sensitive data resides, how it is accessed, and how it flows across systems and integrations.

• Partner with cross-functional teams-including IT, Compliance, HR, and Legal-to ensure adherence to data protection standards.

• Performs other job-related duties as assigned or apparent., We are proud of our high employee engagement score of 86. We have an inclusive and diverse culture where every voice counts. In addition, our team positively impacted 4.6 million people in 2023 through the Republic Services Charitable Foundation and local community grants. These projects are designed to meet the specific needs of the communities we serve, with a focus on building sustainable neighborhoods.

STRATEGY

Republic Services' strategy is designed to generate profitable growth. Through acquisitions and industry advancements, we safely and sustainably manage our customers' multiple waste streams through a North American footprint of vertically integrated assets.

We focus on three areas of growth to meet the increasing needs of our customers: recycling and waste, environmental solutions and sustainability innovation.

With our integrated approach, strengthening our position in one area advances other areas of our business. For example, as we grow volume in recycling and waste, we collect additional material to bolster our circularity capabilities. And as we expand environmental solutions, we drive additional opportunities to provide these services to our existing recycling and waste customers.

Recycling and Waste

We continue to expand our recycling and waste business footprint throughout North America through organic growth and targeted acquisitions. The 13 million customers we serve and our more than 5 million pick-ups per day provide us with a distinct advantage. We aggregate materials at scale, unlocking new opportunities for advanced recycling. In addition, we are cross-selling new products and services to better meet our customers' specific needs.

Environmental Solutions

Our comprehensive environmental solutions capabilities help customers safely manage their most technical waste streams. We are expanding both our capabilities and our geographic footprint. We see strong growth opportunities for our offerings, including PFAS remediation, an increasing customer need.

SUSTAINABILITY INNOVATION

Republic's recent innovations to advance circularity and decarbonization demonstrate our unique ability to leverage sustainability as a platform for growth.

The Republic Services Polymer Center is the nation's first integrated plastics recycling facility. This innovative site processes rigid plastics from our recycling centers, producing recycled materials that promote true bottle-to-bottle circularity. We also formed Blue Polymers, a joint venture with Ravago, to develop facilities that will further process plastic material from our Polymer Centers to help meet the growing demand for sustainable packaging. We are building a network of Polymer Centers and Blue Polymer facilities across North America.

We continue to advance decarbonization at our landfills. As demand for renewable energy continues to grow, we have 70 landfill gas-to-energy projects in operation and plan to expand our portfolio to 115 projects by 2028.

• Experience designing and operating enterprise data discovery & classification programs across both unstructured data (files, email, collaboration platforms, endpoints) and structured data (databases, data warehouses, analytics platforms).

• Practical experience identifying and remediating data overexposure, such as: excessive permissions and oversharing in collaboration platforms, public or broadly accessible cloud storage and databases, and stale, orphaned, or business-unused sensitive data

• Hands-on expertise with data classification and labeling technologies, including rule-based, pattern-based, and machine-learning-driven classification for sensitive data types.

• Awareness of AI-related risks (e.g., data leakage in prompts, model training exposure, shadow AI usage) and the ability to help enforce safeguards and acceptable use standards.

• Familiarity with Data Security Posture Management (DSPM) or data access governance tools (e.g., Varonis, BigID, OneTrust, Microsoft Purview, Symmetry, Wiz, Lacework, or similar).

• Experience reducing data risk through policy automation, bulk remediation workflows, and continuous monitoring.

• Knowledge of data lifecycle management, including retention, archival, legal hold, and secure disposal practices.

• Relevant certifications such as CISSP, CISM, GSEC, Security+ or equivalent are highly desirable.

• Exposure to privacy engineering concepts, including data minimization, purpose limitation, and least-privilege access.

• Strong understanding of industry frameworks such as CIS and NIST.

• Excellent written and verbal communication skills.

MINIMUM REQUIREMENTS:

• 5+ years of experience in Information Security, Data Protection or Security Engineering roles.

• Prior experience implementing or operating technology within at least three of the following: Data Access Governance, Data Classification, Data Discovery, Data Encryption, Data Loss Prevention.

Pay Range: $99,800.00 -137,300.00 USD Annual DOE

Rewarding Compensation and Benefits

Eligible employees can elect to participate in:

• Comprehensive medical benefits coverage, dental plans and vision coverage.

• Health care and dependent care spending accounts.

• Short- and long-term disability.

• Life insurance and accidental death & dismemberment insurance.

• Employee and Family Assistance Program (EAP).

• Employee discount programs.

• Retirement plan with a generous company match.

• Employee Stock Purchase Plan (ESPP).

• Paid Time Off (PTO)

Republic Services, Inc. (NYSE: RSG) is a leader in the environmental services industry. We provide customers with the most complete set of products and services, including recycling, waste, special waste, hazardous waste and field services. Our industry-leading commitments to advance circularity and support decarbonization are helping deliver on our vision to partner with customers to create a more sustainable world. In 2023, Republic's total company revenue was $14.9 billion, and adjusted EBITDA was $4.4 billion. We serve 13 million customers and operate more than 1,000 locations, including collection and transfer stations, recycling and polymer centers, treatment facilities, and landfills. Although we operate across North America, the collection, recycling, treatment, or disposal of materials is a local business, and the dynamics and opportunities differ in each market we serve. By combining local operational management with standardized business practices, we drive greater operating efficiencies across the company while maintaining day-to-day operational decisions at the local level, closest to the customer. Our customers, including small businesses, major corporations and municipalities, want a partner with the expertise and capabilities to effectively manage their multiple recycling and waste streams. They choose Republic Services because we are committed to exceeding their expectations and helping them achieve their sustainability goals. Our 41,000 team members understand that it's not just what we do that matters, but how we do it.