IT Security Engineer - DLP and CASB Engineering - Remote

Benefits

Additional Information

External candidates: In order for your application to be correctly processed please sign-in before you apply Internal candidates: Please go to Workday and click "Find Jobs" link under Career Thank you for considering opportunities with us! Job Title IT Security Engineer - DLP and CASB Engineering - Remote Requisition Number R7642 IT Security Engineer - DLP and CASB Engineering - Remote (Open) Location Arizona - Home Teleworkers Additional Locations Alabama - Home Teleworkers, Alabama - Home Teleworkers, Arkansas - Home Teleworkers, California - Home Teleworkers, Colorado - Home Teleworkers, Connecticut - Home Teleworkers, Delaware - Home Teleworker, District of Columbia - Home Teleworkers, Florida - Home Teleworkers, Georgia - Home Teleworkers, Idaho - Home Teleworkers, Illinois - Home Teleworkers, Indiana - Home Teleworkers, Iowa - Home Teleworkers, Kansas - Home Teleworker, Kentucky - Home Teleworkers, Louisiana - Home Teleworkers, Maine Home Teleworkers, Maryland - Home Teleworkers, Massachusetts - Home Teleworkers, Michigan - Home Teleworkers, Minnesota - Home Teleworkers, Mississippi - Home Teleworker, Missouri - Home Teleworker, Montana - Home Teleworkers {+ 21 more} Job Information CSAA Insurance Group (CSAA IG), a AAA insurer, is one of the leading personal lines property and casualty insurance groups in the United States. Here, every employee shapes our mission. We build innovative, human-centered solutions that help AAA members prevent, prepare for, and recover from life's uncertainties. You will join a collaborative, inclusive culture where your strengths have room to grow and your ideas can drive real impact. Step into a role where you can contribute to our shared success through meaningful work. We are actively hiring for an IT Security Engineer - DLP and CASB Engineering - Remote Your Role: We are seeking an experienced and highly skilled Security DLP and CASB Engineer with deep expertise in Microsoft Purview DLP, Netskope DLP/CASB, cloud security, and enterprise data protection engineering. This senior role will own the design, implementation, optimization, and ongoing management of DLP and CASB solutions across cloud and hybrid environments. The ideal candidate brings strong technical depth, architectural awareness, and the ability to collaborate across IT, Cloud, Cybersecurity, and Business teams to build scalable, modern, and proactive data‑protection capabilities. Your Work: Security Engineering - DLP & CASB Specialist (Cloud Data Protection) 1. DLP Engineering, Architecture & Implementation Design, implement, and optimize enterprise‑wide DLP controls using Microsoft Purview DLP, Information Protection, and Netskope DLP/CASB. Engineer DLP policies, classifiers, exceptions, and workflows for cloud (SaaS, IaaS, PaaS), endpoint, and web channels. Lead integration of DLP and CASB tools with cloud platforms including AWS, Azure, and Google Cloud. 2. Cloud Security Integration Partner with cloud architects and application teams to embed DLP and CASB controls into cloud-native environments. Support secure data flows across S3, Blob, Snowflake, SQL, and SaaS applications through technical integrations and best‑practice configurations. 3. Policy Development & Tuning Develop and enforce advanced DLP policies aligned to security standards, regulatory requirements, and risk tolerance. Minimize false positives through tuning, advanced SIT/classifier creation, and rule optimization. 4. Monitoring, Analytics & Automation Work closely with SOC and SIEM teams (Splunk preferred) to ensure high‑fidelity telemetry and alerting. Build dashboards, analytics, and automation opportunities that improve detection and reduce manual effort. Identify trends and potential gaps, driving proactive mitigation strategies. 5. Incident Response & Troubleshooting Serve as a technical expert for complex DLP and CASB incidents. Perform root‑cause engineering, propose long-term fixes, and partner with SOC on response playbooks. 6. Governance, Compliance & Reporting Provide leadership in mapping DLP controls to GDPR, CCPA, PCI, HIPAA, and other frameworks. Deliver executive‑level reporting and insights to leadership on DLP posture, risks, and improvements. 7. Documentation, Standards & Training Develop standards for data classification, masking, retention, archival, and secure data flows. Maintain technical documentation, SOPs, and lead stakeholder education workshops. 8. Continuous Improvement & Tool Evaluation Assess new DLP, CASB, and cloud security capabilities; lead POCs and vendor evaluations. Drive modernization efforts, platform migrations, and optimization initiatives. Perform advanced analysis of DLP and CASB events across Microsoft Purview, Netskope, MDCA, and related tools. Identify patterns, trends, mis-configurations, and gaps in controls; recommend or implement tuning and policy improvements. Develop and refine DLP rules, classifiers, exceptions, and high‑fidelity detections to reduce false positives

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at aaaie? Share your experience