Description POSITION DESCRIPTION: We are looking for a Senior Data Security Engineer to join our Grid and Energy Services team to own and implement data security governance across the Azure data platform, embedding encryption, access controls and privacy into all data systems. The ideal candidate can set standards and ensure compliance while guiding architecture and risk management across multiple departments within this team.
LOCATION & WORK ARRANGEMENT This role is remote; however, the candidate(s) will be expected to relocate at their own expense to our onsite Houston location by Q1 in 2027* *Q1 2027 is an approximate timeframe and is subject to change at any time
RESPONSIBILITIES - Design and implement data protection, encryption, and secure access across Azure services (Event Hubs, IoT, Fabric), strengthening pipelines against exfiltration and misuse
- Build and manage governance frameworks with Microsoft Purview, including cataloging, classification, lineage, and data lifecycle policies
- Apply privacy-by-design practices (PII minimization, tokenization, anonymization) and ensure controls scale across multi-tenant environments
- Partner with Security, Legal, and Compliance to align with SOC 2, ISO 27001, and GDPR, delivering audit-ready logging and traceability
- Embed security and governance into pipelines, IaC, and APIs using policy-as-code and standardized onboarding requirements
- Monitor governance health via telemetry integrations (Azure Monitor, Log Analytics, App Insights) to support compliance and incident response
- Define long-term strategy for data security and governance; lead architecture standards, mentor engineers, and advise leadership on risk and compliance
REQUIRED QUALIFICATIONS - 8+ years in data engineering, security, governance, or cloud platforms, with 3+ years focused on data security/governance
- Strong hands-on experience with Azure data services and security controls
- Expertise in encryption, key management, and securing data lakes/warehouses on Azure
- Proficiency in Python, SQL, or KQL for data and analytics workflows
- Experience building or operating multi-tenant SaaS data platforms on Azure
- Background in securing real-time/streaming pipelines (Event Hubs or Fabric)
- Solid understanding of Azure services, CI/CD, and policy-as-code practices
- Proficient with Git, GitHub, and GitHub Actions for development workflows
- Experience working in agile environments using JIRA or Azure DevOps
- BS/MS in Computer Science, Engineering, or a related field preferred
PREFERRED QUALIFICATIONS - Hands-on experience with Microsoft Purview in production environments
- Familiarity with Microsoft Fabric governance models and OneLake security
- Experience securing event-driven and streaming architectures (Event Hubs, IoT)
PHYSICAL, MENTAL & ENVIRONMENTAL DEMANDS: To comply with the Rehabilitation Act of 1973 the essential physical, mental and environmental requirements for this job are listed below. These are requirements normally expected to perform regular job duties. Incumbent must be able to successfully perform all of the functions of the job with or without reasonable accommodation.
Mobility Standing
20% of time
Sitting
70% of time
Walking
10% of time
Strength Pulling
up to 10 Pounds
Pushing
up to 10 Pounds
Carrying
up to 10 Pounds
Lifting
up to 10 Pounds
Dexterity (F = Frequently, O = Occasionally, N = Never) Typing
F
Handling
F
Reaching
F
Agility (F = Frequently, O = Occasionally, N = Never) Turning
F
Twisting
F
Bending
O
Crouching
O
Balancing
N
Climbing
N
Crawling
N
Kneeling
N
The salary range is required by the California Pay Transparency Act and may differ depending on the location of those candidates hired nationwide. Actual compensation is influenced by a wide array of factors including but not limited to, skill set, education, licenses and certifications, essential job duties and requirements, and the necessary experience relative to the job's minimum qualifications.
*This target salary range is for CA positions only and should not be interpreted as an offer of compensation.
