Barbaricum

EDAT- Senior Data Security Engineer (Data Rights Management - DRM)- Tampa, FL

Barbaricum$100K — $130K *
Tampa, FL 33647In-Person
Aerospace & Defense
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Active Top Secret/SCI security clearance required.
  • Bachelor's degree in Cybersecurity, IT, Computer Science, or related field (or equivalent experience).
  • 10+ years of experience in cybersecurity or information security engineering.
  • Experience with Data Rights Management (DRM) or similar technologies.
  • Strong understanding of DoD Zero Trust principles and architecture.
  • Proficient in securing data across Microsoft 365 and cloud environments.
  • Excellent communication skills.

Responsibilities

  • Design and sustain enterprise DRM solutions for DoD's Zero Trust Data Pillar.
  • Engineer data-centric security controls for sensitive information.
  • Configure encryption, labeling, classification, and access control technologies.
  • Implement various Microsoft Purview security solutions.
  • Develop enterprise data classification schemas and automated labeling policies.
  • Integrate DRM with ICAM for access control enforcement.
  • Collaborate with Zero Trust architects on secure data access policies.

Benefits

  • Exposure to cutting-edge technologies and methodologies in data security.
  • Opportunity to lead and mentor junior engineers.
  • Collaboration with a diverse team of cybersecurity professionals.
  • Support for professional development and certifications.
  • Engagement in critical mission-supporting activities across the DoD.
Full Job Description
Barbaricum is currently seeking a Senior Data Security Engineer (Data Rights Management) to serve as a technical leader supporting the USSOCOM Enterprise Development, Application, and Training (EDAT) Zero Trust Data Team. This position is responsible for designing, implementing, and maintaining enterprise Data Rights Management (DRM) and data-centric security capabilities that protect sensitive information throughout its lifecycle in accordance with the Department of Defense (DoD) Zero Trust Strategy.

The Senior Data Security Engineer works closely with cybersecurity architects, ICAM engineers, cloud engineers, system owners, and mission partners to implement data protection controls that enforce least privilege, continuous verification, and policy-based access to Controlled Unclassified Information (CUI) and other sensitive data across on-premises and cloud environments.

Key Responsibilities
  • Design, implement, and sustain enterprise Data Rights Management (DRM) solutions supporting the DoD Zero Trust Data Pillar.
  • Engineer data-centric security controls that protect sensitive information regardless of location, device, or user.
  • Configure and manage encryption, labeling, classification, access control, and persistent protection technologies for enterprise data.
  • Implement Microsoft Purview Information Protection, Microsoft Purview Data Loss Prevention (DLP), Microsoft Purview Information Governance, Microsoft Purview Insider Risk Management, Microsoft Defender for Cloud Apps, and related Microsoft 365 security technologies.
  • Develop and maintain enterprise data classification schemas, sensitivity labels, protection templates, and automated labeling policies.
  • Integrate DRM capabilities with Identity, Credential, and Access Management (ICAM) solutions to enforce attribute-based and role-based access controls.
  • Collaborate with Zero Trust architects to implement policy decision points (PDPs), policy enforcement points (PEPs), and continuous authorization mechanisms supporting secure data access.
  • Develop data protection strategies supporting cloud, hybrid, and on-premises environments.
  • Implement and maintain data loss prevention (DLP) policies for email, endpoints, cloud applications, collaboration platforms, and removable media.
  • Support secure collaboration using Microsoft 365, SharePoint Online, Teams, Exchange Online, OneDrive, and Azure services.
  • Evaluate enterprise data flows and recommend security controls that reduce organizational risk while supporting operational requirements.
  • Perform security assessments, gap analyses, and technical evaluations of DRM and data protection technologies.
  • Develop engineering documentation including system design documents, implementation plans, standard operating procedures (SOPs), technical reports, and architecture diagrams.
  • Support Authority to Operate (ATO), RMF, and cybersecurity compliance activities.
  • Participate in architecture reviews, security engineering working groups, technical interchange meetings, and Zero Trust planning sessions.
  • Mentor junior engineers and provide technical leadership across the Data Team.

Required Qualifications
  • Active Top Secret/SCI security clearance.
  • Must be eligible to maintain access to USSOCOM systems and facilities.
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related technical field (or equivalent experience).
  • Minimum of 10 years of progressively responsible cybersecurity or information security engineering experience.
  • Experience implementing enterprise Data Rights Management (DRM), Information Rights Management (IRM), or Enterprise Digital Rights Management (EDRM) technologies.
  • Strong understanding of DoD Zero Trust principles, architecture, and implementation guidance.
  • Experience securing data across Microsoft 365, Azure, hybrid cloud, and enterprise environments.
  • Experience implementing Microsoft Purview Information Protection, DLP, sensitivity labeling, and information governance capabilities.
  • Experience with data classification, encryption, key management, and data lifecycle management.
  • Experience integrating security solutions with Microsoft Entra ID (Azure AD), Conditional Access, Privileged Identity Management (PIM), and ICAM architectures.
  • Knowledge of NIST SP 800-53, NIST SP 800-207 (Zero Trust Architecture), DoD Zero Trust Reference Architecture, RMF, and CMMC concepts.
  • Strong knowledge of encryption technologies, PKI, certificate management, and secure information sharing.
  • Experience troubleshooting complex enterprise security implementations.
  • Excellent written and verbal communication skills.

Desired Qualifications
  • Experience supporting USSOCOM or other DoD organizations.
  • Experience implementing Microsoft Defender XDR security solutions.
  • Experience with Microsoft Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps.
  • Familiarity with cloud security technologies including Microsoft Azure, AWS, or Google Cloud Platform.
  • Experience with Microsoft Graph API, PowerShell automation, and infrastructure-as-code.
  • Experience integrating DRM with enterprise collaboration platforms.
  • Knowledge of data discovery, insider risk, data governance, and privacy solutions.
  • Experience supporting Agile software development and DevSecOps environments.

Certifications

Candidate must possess an active DoD 8140 baseline certification appropriate for the position (such as Security+ CE, CySA+, CASP+, CISSP, or equivalent) prior to start date.

Preferred certifications include:
  • Certified Information Systems Security Professional (CISSP)
  • Microsoft Certified: Information Protection Administrator Associate (SC-400)
  • Microsoft Certified: Cybersecurity Architect Expert (SC-100)
  • Microsoft Certified: Security Operations Analyst (SC-200)
  • Microsoft Certified: Identity and Access Administrator Associate (SC-300)
  • Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
  • Certified Information Security Manager (CISM)
  • GIAC Security Certifications (GSEC, GCIA, GCED, or similar)

About Barbaricum

Barbaricum is a defense contractor that provides consulting and engineering services to the U.S. government. The company specializes in national security and intelligence, with a focus on counterterrorism, cybersecurity, and information operations. Barbaricum's services include strategic planning, program management, and technical analysis. The company was founded in 2008 and is headquartered in Washington, D.C.
Learn more about Barbaricum
Size
200 employees
Industry
Net Income
$1 million
Founded
2008
5 Year Trend
+10%
Revenue
$20 million

Similar Jobs

More Jobs at Barbaricum

More Aerospace & Defense Jobs

Find similar EDAT- Senior Data Security Engineer (Data Rights Management - DRM)- Tampa, FL jobs: