Senior Data Protection Engineer (USSOCOM-Zero Trust, Azure Security & Network DLP)

Kentro

$100K — $130K *
Aerospace & Defense
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, Information Technology, or related field.
  • 10+ years in cybersecurity or data security; 5+ years with DoD or Federal Government.
  • Expertise in Data Loss Prevention (DLP) and Cloud Security Architecture.
  • Proficient in scripting/automation using PowerShell or Python.
  • Familiar with DoD Zero Trust and NIST security frameworks.

Responsibilities

  • Serve as a subject matter expert in Microsoft Azure Security and Network Data Security.
  • Design, deploy, and tune Microsoft Purview and Defender XDR.
  • Enforce compliance with Microsoft Defender suite for access control.
  • Develop and enforce Trellix DLP policies to safeguard information.
  • Manage Trellix Network Prevent to stop unauthorized data exfiltration.
  • Implement encryption and security controls for data in transit.
  • Architect data-centric security aligned with DoD Zero Trust initiatives.

Benefits

  • Competitive benefits package including paid time off and healthcare.
  • 401k with employer match and educational reimbursement for certifications.
  • Support for continuous professional development and career growth.
  • Engagement in community activities and team-building events.
Full Job Description
Senior Data Protection Engineer to support the USSOCOM EDAT Zero Trust initiative. The Senior Data Protection Engineer serves as a key member of the USSOCOM Enterprise Zero Trust Data Team, responsible for designing, implementing, and maintaining data-centric security capabilities across classified and unclassified environments.

This role supports the Department of Defense (DoD) Zero Trust strategy by ensuring data is protected throughout its lifecycle through advanced security controls, data governance, policy enforcement, and continuous monitoring. The engineer will collaborate with cybersecurity, cloud, identity, network, and application teams to implement Zero Trust principles focused on data discovery, classification, protection, access control, and monitoring.

Location: Hybrid in Tampa, Florida

Responsibilities

  • As a Senior Data Protection Engineer, you will act as a premier subject matter expert in Microsoft Azure Security, Network Data Security, and Trellix DLP enforcement.
  • Azure Security & XDR: Serve as a Microsoft Azure security expert, spearheading the design, deployment, and tuning of Microsoft Purview and Microsoft Defender XDR across hybrid enterprise environments.
  • Defender Suite & Access: Architect and enforce continuous compliance using the Microsoft Defender suite. Leverage deep expertise in Microsoft Purview, Defender for Cloud Apps, Entra ID, and Microsoft Conditional Access to control resource access based on identity and risk.
  • Trellix DLP Enforcement: Design, engineer, and rigorously enforce Trellix Full Data Loss Prevention (DLP) policies across the enterprise to prevent the unauthorized disclosure of controlled and classified information.
  • Network Data Security: Act as a specialized Network Data Security Engineer. Deploy and manage Trellix Network Prevent and Monitor services to oversee data flows, inspect traffic, and actively block unauthorized exfiltration attempts in real-time.
  • Datacenter Security: Engineer, implement, and monitor robust network security controls and encryption protocols governing all data traffic moving to and from on-premises datacenters and hybrid cloud environments.
  • Zero Trust Architecture: Design and implement data-centric security architectures aligned with DoD and USSOCOM Zero Trust initiatives (NIST SP 800-207).
  • Identity & ABAC Integration: Integrate data security controls with Identity, Credential, and Access Management (ICAM) systems and support the implementation of Attribute-Based Access Control (ABAC) and policy-driven access models.
  • Compliance & cATO: Support Continuous Authorization to Operate (cATO) initiatives through automated security validation, compliance monitoring, and risk assessments of enterprise data repositories.


Qualifications

  • Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related field. (Additional years of relevant experience may be substituted for formal education requirements when permitted by contract guidelines).
  • Experience: 10+ years of experience in cybersecurity, information assurance, or data security engineering. 5+ years supporting DoD, Intelligence Community, or Federal Government cybersecurity initiatives.
  • Technical Skills:
    • Data Loss Prevention (DLP)
    • Data Discovery and Classification
    • Encryption and Key Management
    • Cloud Security Architecture
    • Security Automation and Orchestration
    • Scripting and automation using PowerShell, Python, or similar technologies

Security Framework Knowledge:
  • DoD Zero Trust Reference Architecture
  • NIST SP 800-207 Zero Trust Architecture
  • NIST Risk Management Framework (RMF)
  • NIST 800-53 Security Controls
  • DoD Cybersecurity Policies and Directives
  • Controlled Unclassified Information (CUI) Requirements

Required Certifications:

Must possess one of the following DoD 8570/8140 IAT Level III certifications:
  • CISSP
  • CASP+
  • CCSP
  • CISM

Preferred Qualifications:
  • Advanced Query Languages: Advanced knowledge and proficiency in Kusto Query Language (KQL) and Splunk Processing Language (SPL) for sophisticated threat hunting, alerting, and dashboard creation.
  • Experience supporting USSOCOM, SOF, or Joint Service environments.
  • Experience with Cross Domain Solutions (CDS) and classified data handling requirements.
  • Familiarity with DevSecOps, Platform One, and cATO methodologies.
  • Experience supporting enterprise cloud migrations and data modernization initiatives.
  • Knowledge of AI/ML governance and the protection of sensitive training datasets.

Clearance Requirement:
  • TS/SCI
  • Must be a US Citizen


Benefits

We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more. We invest in our employees - Every employee is eligible for education reimbursement for certifications, degrees, or professional development. Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities - virtual and in-person - e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.

How to Apply

To apply to Kentro Positions- Please click on the job link and then click the blue "Apply" button at the top right of Job Description. Please upload your resume and complete all the application steps. You must fully submit the application for Kentro to consider you for a position. If you need alternative application methods, please email [email protected] and request assistance.

Accommodations

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. If you need to discuss reasonable accommodations, please email [email protected].

#LI-SH1

Similar Jobs

More Jobs at Kentro

More Aerospace & Defense Jobs

Find similar Senior Data Protection Engineer (USSOCOM-Zero Trust, Azure Security & Network DLP) jobs: