We are seeking a
Data Security Engineer to join our corporate IT Security team. The position will be able to work remotely but we prefer that the Engineer live in the Southeast and within drivable distance to the corporate office in
Duncan, SC.Data security at AFL is a priority, and this role sits at the center of it. This role owns the implementation and operation of the DSPM and DLP platforms. Under the guidance of the Sr. Manager, Cybersecurity, the Data Security Engineer is responsible for building and advancing the data security program, taking initiative and exercising sound judgment to achieve program objectives. This is a hands-on role with program ownership; the role collaborates closely with security analysts, information owners, and legal to reduce data risk across the organization.
Responsibilities- Administer and optimize the DSPM platform (Cyera); drive data discovery, classification, and risk prioritization across cloud and on-premises environments.
- Administer and operate the DLP platform (Proofpoint); create, tune, and maintain policies to prevent unauthorized data movement.
- Investigate and respond to DLP incidents; work with information owners and business stakeholders to resolve and remediate.
- Collaborate with Security Analysts to correlate data security findings with broader security investigations and incidents.
- Design and implement a data classification schema and labeling program.
- Define and maintain data security policies and procedures.
- Build metrics and reporting to communicate program health and risk reduction to leadership.
- Partner with legal, compliance, and IT teams to align data security controls with business requirements.
- Support audits and regulatory requirements related to data protection.
- Contribute to disaster recovery planning and exercises with technology teams.
QualificationsRequired- Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Systems, or related field or equivalent experience
- 4+ years in an information security role with a focus on data security, data protection, or DLP.
- Hands-on experience with a DSPM platform (Cyera, Sentra, Varonis, BigID, or similar).
- Hands-on experience with an enterprise DLP platform (Proofpoint, Symantec, Forcepoint, Microsoft Purview, or similar).
- Experience designing or implementing a data classification framework.
- Strong written and verbal communication skills.
- Ability to translate technical risk into clear business language.
Preferred- Experience with Microsoft Purview Information Protection and sensitivity labeling.
- Familiarity with regulatory frameworks such as GDPR, CCPA, HIPAA, or PCI-DSS.
- Experience standing up or maturing a data security program from early stages.
- Basic scripting ability (Python, PowerShell, or similar) for data analysis and automation.
Personal Qualities- Strong communicator; comfortable working directly with legal, compliance, and non-technical stakeholders.
- Analytical mindset; translates technical risk into clear business language.
- Self-directed and ownership-oriented; builds programs, not just operates tools.
- Collaborative; builds trusted relationships across security, IT, and business teams.
- Detail-oriented; produces accurate, low-noise outputs and metrics that leadership can act on.
