Data Security Engineer (Remote/Southeast)
Role details
Job location
Tech stack
Job description
Data security at AFL is a priority, and this role sits at the center of it. This role owns the implementation and operation of the DSPM and DLP platforms. Under the guidance of the Sr. Manager, Cybersecurity, the Data Security Engineer is responsible for building and advancing the data security program, taking initiative and exercising sound judgment to achieve program objectives. This is a hands-on role with program ownership; the role collaborates closely with security analysts, information owners, and legal to reduce data risk across the organization., * Administer and optimize the DSPM platform (Cyera); drive data discovery, classification, and risk prioritization across cloud and on-premises environments.
- Administer and operate the DLP platform (Proofpoint); create, tune, and maintain policies to prevent unauthorized data movement.
- Investigate and respond to DLP incidents; work with information owners and business stakeholders to resolve and remediate.
- Collaborate with Security Analysts to correlate data security findings with broader security investigations and incidents.
- Design and implement a data classification schema and labeling program.
- Define and maintain data security policies and procedures.
- Build metrics and reporting to communicate program health and risk reduction to leadership.
- Partner with legal, compliance, and IT teams to align data security controls with business requirements.
- Support audits and regulatory requirements related to data protection.
- Contribute to disaster recovery planning and exercises with technology teams.
Requirements
Do you have experience in Security classification?, Do you have a Bachelor's degree?, * Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Systems, or related field or equivalent experience
- 4+ years in an information security role with a focus on data security, data protection, or DLP.
- Hands-on experience with a DSPM platform (Cyera, Sentra, Varonis, BigID, or similar).
- Hands-on experience with an enterprise DLP platform (Proofpoint, Symantec, Forcepoint, Microsoft Purview, or similar).
- Experience designing or implementing a data classification framework.
- Strong written and verbal communication skills.
- Ability to translate technical risk into clear business language.
Preferred
- Experience with Microsoft Purview Information Protection and sensitivity labeling.
- Familiarity with regulatory frameworks such as GDPR, CCPA, HIPAA, or PCI-DSS.
- Experience standing up or maturing a data security program from early stages.
- Basic scripting ability (Python, PowerShell, or similar) for data analysis and automation.
Personal Qualities
- Strong communicator; comfortable working directly with legal, compliance, and non-technical stakeholders.
- Analytical mindset; translates technical risk into clear business language.
- Self-directed and ownership-oriented; builds programs, not just operates tools.
- Collaborative; builds trusted relationships across security, IT, and business teams.
- Detail-oriented; produces accurate, low-noise outputs and metrics that leadership can act on.
Benefits & conditions
Pulled from the full job description
- Tuition reimbursement
- Health insurance
- 401(k) matching
- Vision insurance
- Dental insurance
- Life insurance
- Opportunities for advancement, * Flexible time off policy
- 401K Company match (up to 4% - dollar for dollar)
- Professional development, training, and tuition reimbursement programs
- Excellent medical, dental, vision, and life insurance policy options
- Opportunities for career advancement with an industry leading company!