[Remote] DLP (Data Loss Prevention) Platform Engineer
Note: This is a remote position open to candidates in the USA. IDEXX Livestock Diagnostics is an innovation leader in various industries and is seeking a DLP Platform Engineer to design and implement enterprise Data Loss Prevention controls. This hands-on engineering leadership role focuses on delivering DLP capabilities and ensuring effective control integration across collaboration platforms.
Responsibilities
- Lead engineering for end-to-end implementation of the CASB/DLP solution across M365 (Exchange, SharePoint, OneDrive, Teams) and Box (internal/external collaboration), including phased rollout and deployment readiness
- Establish a policy lifecycle and deployment approach (e.g., detect → educate/warn → block) aligned to business risk and adoption goals
- Implement core detection models for IDEXX-relevant data types (e.g., regulated data, customer data, financial data, IP) using built-in and custom classifiers/regex as appropriate
- Define and implement channel coverage for exfiltration paths (email, cloud sharing, web upload, removable media where applicable) in coordination with endpoint and browser controls
- Translate data classification and handling requirements into high-confidence DLP policies that are actionable and enforceable across platforms
- Continuously tune policies to improve signal quality (reduce false positives, increase true positives) and minimize user friction
- Establish metrics and dashboards for control performance (alert volume, false positive rate, high-confidence detections, and trend-based risk reduction)
- Partner with stakeholders to implement user-facing controls (coaching, justification prompts, approvals) before enabling block actions broadly
- Integrate DLP alerts and telemetry into the SOC toolchain (SIEM/Case management) to enable triage, investigation, and escalation workflows
- Develop and maintain DLP-related detection logic, routing, and severity models so SOC investigations are consistent and efficient
- Support creation of playbooks for common scenarios (mass external sharing, mass download, suspicious upload, risky OAuth app activity where applicable), including evidence sources and response actions
- Establish a feedback loop with SOC and Data Security Operations to refine policies based on incident patterns and operational findings
- Partner with the Data Security Program Lead to deliver roadmap milestones and ensure stakeholder alignment across IT, Data Engineering, and Security Operations
- Partner with the Data Security Architect to align DLP policy design to enterprise control patterns and data management standards
- Coordinate with End User Computing / M365 platform teams and Box administration to deploy controls safely and minimize disruption to business workflows
- Expand DLP coverage over time to additional channels and SaaS applications as prioritized by the Data Security roadmap and DSPM findings
- Identify automation opportunities for policy deployment, exception handling, and reporting to reduce operational overhead
- Continuously evaluate product capabilities and recommend improvements to increase protection coverage and reduce data loss risk
Skills
- 5-7+ years of experience in security engineering, data protection, security operations engineering, or related fields
- Demonstrated experience implementing enterprise DLP/CASB solutions in complex environments. Hands-on expertise with DLP/CASB technologies (e.g., Microsoft Purview/M365 DLP, Zscaler, Netskope, or comparable platforms)
- Location: We are looking for someone within driving distance of our Westbrook, Maine HQ for a flexible hybrid on-site requirement of 8 days per month. Alternatively, we are open to those in NH or ME who can visit our HQ less often
- Strong understanding of common data exfiltration paths and user behavior patterns across email, collaboration, web, and endpoint channels
- Ability to implement and tune data classifiers (built-in and custom), including pattern/regex-based detection where needed
- Experience delivering security controls across collaboration ecosystems (M365 strongly preferred; Box or similar SaaS collaboration platforms)
- Experience integrating detections and alerts into SOC workflows (SIEM, case management, escalation processes)
- Working familiarity with identity and access signals (e.g., Entra ID) that influence DLP policy enforcement and investigation context
- Familiarity with cloud environments and SaaS security principles (AWS preferred; Azure/GCP familiarity a plus)
- Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related technical field; or equivalent professional experience
- Strong ownership mentality with a bias toward action and measurable outcomes
- Ability to balance security enforcement with user experience to drive adoption and reduce workarounds
- Strong collaboration skills across security, IT, and engineering teams; effective at influencing without authority
- Ability to communicate technical control intent, tradeoffs, and operational impacts to technical and non-technical audiences
- Experience deploying DLP controls across M365 + Box in an enterprise environment
- Experience implementing DLP alongside data classification and governance programs
- Experience with endpoint/browser controls and integration with EDR/XDR toolsets
- Relevant certifications (e.g., CISSP, CCSP, Microsoft Security, vendor-specific DLP/CASB certifications)
Benefits
- Opportunity for annual cash bonus
- Health / Dental / Vision benefits from day one
- 5% matching 401k
- Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!
Company Overview