Cybersecurity Engineer - Data Loss Prevention

CYBERSECURITY ENGINEER - DATA LOSS PREVENTION Location Columbus, OH Job Code 98 # of openings 1

Remote with travel required to client's place of performance in Columbus, OH or Richmond, VA

iP
-Plus Consulting is seeking a Cybersecurity Engineer to support an upcoming federal program. The Cybersecurity Engineer serves as a hands‑on technical operator responsible for the design, integration, and sustainment of enterprise Data Loss Prevention solutions across a hybrid DoD cloud environment. The candidate will work directly with Microsoft Purview and Forcepoint DLP to protect sensitive government data across M365, SharePoint Online, One Drive, Teams, and Azure IL4+ environments.

In this role, the candidate will operate as part of a Tier 3 DLP support team, executing policy engineering, incident remediation, compliance management, and system sustainment while supporting one of the DoD's most critical data protection programs.

• Design, configure, and tune Microsoft Purview and Forcepoint DLP policies, rulesets, and workflows across an enterprise DoD environment.
• Provide Tier 3 engineering support for DLP infrastructure, including fault isolation, root cause analysis, and incident remediation.
• Support integration of DLP solutions with broader IT infrastructure, including M365, Azure IL4+, SharePoint Online, One Drive, and Teams.
• Perform STIG hardening and maintain configuration compliance across all DLP components in accordance with DISA Secure Technical Implementation Guides.
• Assist with data‑at‑rest scanning operations, false‑positive reduction, and ongoing performance tuning of DLP platforms.
• Manage and execute software updates, firmware patches, and service packs in compliance with DoD IA directives and agency change‑management processes.
• Support development and submission of required documentation, including ECR forms, PPSM forms, LCA forms, and Information Assurance packages.
• Participate in on‑call rotation to provide 24/7/365 coverage for critical DLP infrastructure issues.
• Develop and maintain operational documentation, including SOPs, CONOPS, troubleshooting guides, and training materials.
• Support remediation workflow automation efforts and assist with Authorization to Operate (ATO) documentation for DoD IL4+ environments.
• Coordinate with agency stakeholders, including privacy, incident response, vulnerability management, and Information Assurance personnel.
• Generate operational status reports for agency leadership and DoD reporting requirements as required.
• Ensure all DLP systems maintain compliance with federal data protection standards, DoD IA policies, and applicable regulatory requirements.

• Minimum seven (7) years of relevant IT and cybersecurity experience.
• Active DoD Secret clearance with eligibility for IT‑I Critical Sensitive / Tier 5 (T5) investigation.
• Must possess IT‑II Non‑Critical Sensitive / Tier 3 (T3) clearance at time of application.
• DoD 8570/8140 IAT Level II certification (Security+, CySA+, CASP+, or equivalent).
• CNDSP‑IS certification or equivalent (CySA+, CASP+, GCIH, GCIA, or CISSP).
• Hands‑on experience implementing and administering Microsoft Purview DLP in an enterprise environment.
• Familiarity with DoD cloud environments, including Azure IL4+ and M365 security architecture.
• Experience working within DoD change‑management processes, including ECR, PPSM, and LCA documentation.
• Strong working knowledge of DISA STIGS and federal IA compliance frameworks.

• IAT Level II – Must hold at least one of the following:
  Security+ CE, CySA+, CASP+, or CISSP.
• CNDSP‑IS – Must hold at least one of the following:
  CySA+, CASP+, GCIH, GCIA, or CISSP.
• Computing Environment / DLP Administrator – Must hold at least one of the following: SC-400 (Microsoft Information Protection Administrator), Forcepoint Certified Administrator (FCA), Forcepoint DLP Administrator, or equivalent platform certification accepted with documented justification.

Must meet DoD 8570/8140 certification requirements prior to starting work and maintain certifications for the full duration of the contract.

• Hands‑on experience with Forcepoint DLP administration and policy engineering.
• Experience with DLP remediation workflow automation in a DoD IL4 or higher environment.
• Prior work experience within a DoD Component IT environment.
• Microsoft certifications including SC-400, AZ‑500, or SC‑100.
• Familiarity with SQL database environments and application‑level troubleshooting.
• Experience supporting ATO packages in DoD cloud environments.
• Background with adjacent DLP platforms such as Symantec DLP, Trellix, Digital Guardian, or Broadcom DLP.

• Must be eligible for and willing to undergo IT‑I Critical Sensitive / Tier 5 investigation.

This position is contingent upon contract award. Employment is expected to begin upon successful award and funding of the program.