Senior Engineer, Data Protection & AI Security

FIRSTPRO INC
Brookline, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Brookline, United States of America

Tech stack

API
Artificial Intelligence
Amazon Web Services (AWS)
Cloud Computing
Cloud Computing Security
Cloud Database
Computer Security
Data Governance
Information Leak Prevention
ETL
Data Security
Identity and Access Management
Information Security Management
Intrusion Detection and Prevention
Automation of Marketing
Network Connections
Open Web Application Security
Performance Tuning
SQL Databases
Systems Integration
Unstructured Data
Data Classification
Large Language Models
Amazon Web Services (AWS)
Information Technology

Job description

Data Security Posture Management

  • Own the end-to-end deployment, configuration, and operationalization of the firm's DSPM platform, including onboarding data sources across public cloud environments, cloud data warehouses, SQL databases, and network file shares
  • Triage and prioritize DSPM findings, coordinate remediation with data owners and infrastructure teams, and build reporting workflows that translate discovery results into actionable risk reduction
  • Rationalize DSPM capabilities across the security tool portfolio to eliminate overlap between cloud-native application protection, DSPM, and endpoint-based data security platforms
  • Partner with Cloud Operations and application teams to navigate technical integration challenges, including IAM permissions, network connectivity, and change management processes
  • Data Classification & GovernanceDesign and implement a data classification framework that establishes sensitivity levels, ownership models, and handling requirements for the firm's data
  • Develop and maintain data classification policies that inform downstream controls across DLP, DSPM, access governance, and backup immutability
  • Serve as the security team's subject matter expert on data governance, partnering with Compliance and business stakeholders to align classification efforts with regulatory and operational requirements
  • AI SecurityEvaluate, deploy, and manage AI security monitoring tools to provide visibility into sanctioned and unsanctioned AI usage across the enterprise
  • Develop detection capabilities for sensitive data exposure through GenAI workflows, including monitoring for data leakage via AI prompts, outputs, and integrations with enterprise tools
  • Establish and maintain an AI governance operating model in coordination with the CISO and the Data Science team, including sanctioned tool inventories, acceptable use guardrails, and risk-based approval workflows for new AI applications
  • Stay current on evolving AI security frameworks (OWASP LLM Top 10, NIST AI RMF, MITRE ATLAS) and translate emerging threats into practical defensive measures for the firm
  • Data Loss Prevention & Insider ThreatManage and enhance the firm's DLP and insider threat platforms to prevent unauthorized data movement across endpoints, cloud applications, and email
  • Develop and tune DLP policies informed by DSPM discovery and data classification outputs, ensuring controls are risk-proportionate and operationally sustainable
  • Partner with Security Operations to integrate data protection alerts into the firm's SOAR platform for automated triage and response workflows

Requirements

  • Hands-on experience deploying and operating Data Security Posture Management (DSPM) platforms

  • Strong working knowledge of cloud security in public cloud environments (AWS preferred), including IAM roles and policies, object storage security, VPC architecture, and infrastructure-as-code templates

  • Experience with enterprise DLP platforms and insider threat tools, including policy development, tuning, and incident workflows

  • Familiarity with data classification methodologies and tools across structured and unstructured data environments

  • Experience with SaaS Security Posture Management (SSPM) platforms

  • Working knowledge of AI/ML security concepts, including GenAI data leakage vectors, prompt injection risks, and shadow AI discovery

  • Experience integrating security tools via APIs and working with SOAR and automation platforms

  • Proficiency with cloud data warehouses, SQL databases, and cloud object storage from a security and access governance perspective

  • Familiarity with enterprise identity providers and identity governance platforms as they relate to data access controls

  • QualificationsBachelor's degree in computer science, information security, or a related technical field (or equivalent professional experience)

  • 7+ years of experience in information security, with at least 3 years focused on data security, data protection, or cloud security engineering

  • Demonstrated ability to own and drive complex, multi-stakeholder technical projects from planning through operationalization

  • Strong understanding of data privacy and protection regulations relevant to financial services (GLBA, SOX, SEC guidelines, GDPR)

  • Excellent written and verbal communication skills, with the ability to translate technical findings into business risk language for senior leadership

  • A self-starter with an ownership mindset who thrives in a lean team environment where independent judgment and initiative are expected

  • Experience in financial services, private equity, or asset management is strongly preferred

Apply for this position