Data Protection Engineer

Join to apply for the Data Protection Engineer role at Platinum Technologies
.

This role is essential for the tactical implementation of data‑centric security controls across the Command's hybrid environment, ranging from commercial cloud capabilities on NIPR to the rigid, disconnected constraints of the SIPR and Top‑Secret networks.

Location:

Mac Dill AFB, Tampa, Florida. Candidates must hold an active TS/SCI clearance.

We are offering a competitive sign‑on bonus and relocation assistance for qualified candidates.

$/yr - $/yr

• Microsoft Purview Implementation (NIPR):
  Configure and deploy Sensitivity Labels, Auto‑labeling policies, and Data Loss Prevention (DLP) rules within the Microsoft 365 E5 suite to classify and protect CUI and PII in SharePoint, One Drive, and Exchange.
• DRM & Encryption Configuration (SIPR/Top Secret):
  Implement and manage enterprise Digital Rights Management (DRM) solutions (specifically Virtru or Kiteworks) to enforce encryption‑at‑rest and attribute‑based access control on classified networks.
• Policy Tuning & Enforcement:
  Oversee the phased transition of security policies from “Monitoring” mode to “Blocking” mode, analyzing false positives and tuning classifiers (Regex, Keyword Dictionaries, Trainable Classifiers) to minimize mission disruption.
• Endpoint Protection:
  Collaborate with the Trellix engineering team to ensure that data tags applied by Purview/DRM tools are correctly recognized and enforced by endpoint DLP agents on workstations.
• Cross‑Domain Support:
  Assist in the manual “sneaker‑net” transfer of policy updates and classification patterns to the air‑gapped Top Secret environment, ensuring configuration consistency across all networks.

• Minimum Clearance Required to Start:
  Active Top‑Secret clearance with SCI eligibility.

• Microsoft Purview Expertise:
  Significant (3+ years) hands‑on experience configuring Microsoft Information Protection (MIP), Sensitivity Labels, and DLP policies in a large enterprise or DoD environment.
• DRM/Encryption
  
  Experience:
  
  Proven experience implementing and managing enterprise encryption and Rights Management tools such as Virtru, Kiteworks, or Seclore, particularly in on‑premise or hybrid configurations.
• Data Classification:
  Strong understanding of data classification methodologies, including the creation of custom sensitive info types (SITs) using Regex and Exact Data Match (EDM).
• Technical Troubleshooting:
  Ability to diagnose and resolve complex issues related to encryption key management, policy propagation, and agent conflicts.

• Experience with Trellix DLP (formerly McAfee) endpoint products.
• Knowledge of Net App BlueXP or BigID for data discovery.
• Prior experience supporting USSOCOM or working on SIPRNet/JWICS systems.
• Familiarity with DoD Data Strategy and CUI handling requirements.

• Required:
  
  CompTIA Security+ CE (or higher) to meet DoD 8570 IAT Level II requirements.
• Preferred:
  Microsoft Information Protection Administrator (SC‑400).
• Preferred:
  Virtru Certified Professional or Kiteworks Administrator Certification.

Not Applicable

Full‑time

Engineering and Information Technology

IT Services and IT Consulting

The Company is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age or genetic information.