Data Security Engineer

ABF, LLC
Chicago, United States of America
yesterday

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Chicago, United States of America

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Data analysis
Automated Storage and Retrieval Systems
Software as a Service
Cloud Computing Security
Cloud Storage
Collaborative Software
Computer Security
Databases
Data Discovery
Information Engineering
Data Security
Amazon DynamoDB
Identity and Access Management
Python
Key Management
Operational Databases
Powershell
Role-Based Access Control
Security Information and Event Management
Tokenization
Data Logging
Cloud Platform System
Data Classification
Amazon Web Services (AWS)
Data Lake
Amazon Web Services (AWS)
Database Monitoring
Redshift
Databricks
Go

Job description

Our client is hiring a Sr. Data Security Engineer to help us understand where sensitive data exists, how it moves, who can access it, and how it should be protected. You will build and operationalize the technical capabilities used to discover, classify, monitor, and protect data across cloud environments, SaaS platforms, databases, analytics platforms, endpoints, and non-production systems. The goal is not simply to deploy more security tools. It is to make data protection measurable, enforceable, and sustainable across the enterprise. This is a hands-on engineering role inside our security program. We want someone who can turn data risk into durable technical controls, tune those controls to real business workflows, and work with the SOC to automate the response to exposure, misuse, and exfiltration.

Requirements

  • 8+ years of experience across data security, cloud security, platform security, security engineering, or related technical roles.
  • Hands-on experience implementing or operating capabilities such as DLP, DSPM, CASB, database activity monitoring, data discovery, or sensitive data classification.
  • Strong understanding of data protection across cloud storage, databases, SaaS platforms, collaboration tools, endpoints, and analytics environments.
  • Experience securing AWS data services and multi-account environments, including storage permissions, encryption, logging, identity, and public exposure controls.
  • Experience with encryption, key management, tokenization, masking, secrets management, and protection of production data used in non-production environments.
  • Strong understanding of IAM, least privilege, privileged access, service identities, and access-control models such as RBAC and ABAC.
  • Experience integrating security telemetry with SIEM, XDR, SOAR, or incident response workflows.
  • Ability to write automation or production-quality scripts in Python, PowerShell, Go, or a similar language.
  • Experience tuning security controls to reduce false positives without weakening protection.
  • Comfort working directly with Data Engineering, Platform Engineering, Architecture, Security Operations, GRC, Privacy, and business stakeholders.

Nice to have

  • Experience with platforms such as Microsoft Purview, Prisma Access DLP/CASB, or similar data security technologies.
  • Experience securing Databricks, Amazon S3, Redshift, RDS, DynamoDB, data lakes, or enterprise analytics platforms.
  • Experience with insider-risk detection, user and entity behavior analytics, or data-exfiltration investigations.
  • Familiarity with data protection and privacy requirements associated with SOX, GDPR, ISO 27001, or NIST frameworks.
  • Experience building security controls for AI and generative AI services, including sensitive-data exposure, model inputs, retrieval systems, internal copilots, and agentic workflows.

Apply for this position