Senior Data Security Engineer (USSOCOM-Zero Trust, Azure Securit

Kentro LLC
Tampa, United States of America
13 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Tampa, United States of America

Tech stack

Microsoft Active Directory
Amazon Web Services (AWS)
Azure
Server Message Block
Cloud Computing
Computer Security
Information Leak Prevention
Data Security
Database Storage Structures
Identity and Access Management
Massachusetts Comprehensive Assessment Systems
Metadata
Microsoft Security Essentials
Network File Systems
NoSQL
Performance Tuning
Azure
Kusto Query Language
Zero Trust Network Access
SQL Databases
Systems Integration
HybridCloud
Storage Technologies
Information Technology
Microsoft Sentinel
Splunk
Vulnerability Analysis

Job description

As a Senior Data Security Engineer, you will architect, deploy, and manage advanced data rights management, DLP policies, and security monitoring solutions. You will serve as the premier subject matter expert for Microsoft Azure security, with a heavy focus on Microsoft Purview and Microsoft Defender XDR.

Furthermore, you will lead the implementation of Trellix Full Data Loss Prevention (DLP) and the Microsoft Defender suite to enforce continuous compliance, prevent unauthorized data exfiltration, and establish secure access boundaries for USSOCOM's critical intelligence, * Azure Security & XDR: Architect and manage comprehensive Azure security solutions, serving as the primary lead for deploying and tuning Microsoft Purview and Microsoft Defender XDR across hybrid and classified environments.

  • Defender & Access Policy: Design and configure precise security policies within the Microsoft Defender suite, specifically leveraging Microsoft Purview, Microsoft Defender for Cloud Apps (MCAS), Entra ID, and Microsoft Conditional Access to control resource access based on identity, device compliance, and risk.
  • Trellix DLP Enforcement: Design, deploy, and enforce Trellix Full Data Loss Prevention (DLP) policies across endpoints and networks to stop unauthorized exfiltration of CUI and classified data without impacting mission performance.
  • Data Rights Management: Manage Active Directory Rights Management (AD-RMS) and Azure RMS as the primary DRM engines to enforce persistent, encryption-based protection of files and emails across USSOCOM networks.
  • Catalog & DLP Integration: Drive data catalog integration and metadata synchronization with enterprise platforms including Palantir, Microsoft Unified Catalog, Purview Audit, and Activity Explorer. Specifically, lead the integration of Palantir catalog solutions with Data Loss Prevention (DLP) tools to ensure seamless, end-to-end data security and monitoring.
  • Classification Tuning: Collaborate with mission owners to train classifiers and DLP rules to recognize unique USSOCOM data types (e.g., mission names, operational codes) and drastically reduce false positive rates in security alerts.

Requirements

  • Education: Master's degree (MA/MS) in Computer Science, Cybersecurity, Information Technology, or a related technical discipline.
  • Experience: 10+ years of relevant experience in enterprise systems engineering, data security, or cybersecurity operations.
  • Technical Skills:
  • Azure Security Expert: Expert-level proficiency in Microsoft Azure security architecture, with a dedicated focus on implementing and managing Microsoft Purview and Microsoft Defender XDR.

  • Microsoft Security Stack: Deep, hands-on expertise in the broader Microsoft Defender suite, specifically: o Microsoft Purview (Sensitivity Labeling, DLP, Information Barrier policies). o Microsoft Defender for Cloud Apps (Cloud Access Security Broker - CASB policies). o Microsoft Entra ID (Identity and Access Management). o Microsoft Conditional Access (Context-aware, zero-trust security policies).

  • Trellix & Palantir DLP Expertise: Proven experience designing, tuning, and enforcing Trellix Full Data Loss Prevention (DLP) policies at an enterprise scale. Must have specific expertise in the integration of Palantir catalog solutions with Data Loss Prevention tools.

  • Data Rights Management: Strong experience implementing and administering AD-RMS and Azure RMS in complex, multi-domain, or hybrid cloud environments.

  • Data Catalog Integration: Proven experience integrating and managing metadata across enterprise catalogs such as Palantir, Microsoft Unified Catalog, and utilizing Purview Audit and Activity Explorer.

  • Storage & Database Knowledge: Strong understanding of storage protocols (NFS, SMB/CIFS, S3) and database structures (SQL, NoSQL) to troubleshoot security scanning access.

  • Required Certifications:
  • Must possess one of the following DoD 8570/8140 IAT Level III certifications:
  • CISSP
  • CASP+
  • CCSP
  • CISM

Preferred Technical Skills (A-Plus):

  • Advanced knowledge of Kusto Query Language (KQL) for writing sophisticated detection rules, hunting queries, and diagnostic analysis within Microsoft Sentinel/Defender XDR.
  • Strong proficiency in Splunk Processing Language (SPL) for building advanced dashboards, alerts, and performing forensic analysis.

Clearance Requirement:

  • TS/SCI
  • Must be a US Citizen

Benefits & conditions

We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more. We invest in our employees - Every employee is eligible for education reimbursement for certifications, degrees, or professional development. Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

About the company

By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones., We believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. With you as our partner, let's solve challenges, think innovatively, and maximize impact. As a valued member of our team, you have the unique opportunity to work in a diverse range of technology and business career paths, all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence. We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015), two CMMI ML 3 ratings (DEV and SVC) and CMMC Level 2 Certification. Industry Recognition Growth | Inc 5000's Fastest Growing Private Companies, DC Metro List Fastest Growing; Washington Business Journal: Fastest Growing Companies, Top Performing Small Technology Companies in Greater D.C. Culture | Northern Virginia Technology Council Tech 100 Honoree; Virginia Best Place to Work; Washington Business Journal: Best Places to Work, Corporate Diversity Index Winner - Mid-Size Companies, Companies Owned by People of Color; Department of Labor's HireVets for our work helping veterans transition; SECAF Award of Excellence finalist; Victory Military Friendly Brand; Virginia Values Veterans (V3); Cystic Fibrosis Foundation Corporate Breath Award, We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities - virtual and in-person - e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy. Commitment Equal Opportunity Employment & VEVRAA Kentro is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state or local law. Kentro is strongly committed to compliance with VEVRAA and other applicable federal, state, and local laws governing equal employment opportunity. We have developed comprehensive policies and procedures to ensure our hiring practices align with these requirements. As part of our VEVRAA compliance efforts, Kentro has established an equal opportunity plan outlining our commitment to recruiting, hiring, and advancing protected veterans. This plan is regularly reviewed and updated to ensure its effectiveness.

Apply for this position