×
Register Here to Apply for Jobs or Post Jobs. X

DLP; Data Loss Prevention Platform Engineer

Job in Concord, Merrimack County, New Hampshire, 03306, USA
Listing for: IDEXX
Full Time position
Listed on 2026-07-10
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Information Security
Salary/Wage Range or Industry Benchmark: 110000 - 125000 USD Yearly USD 110000.00 125000.00 YEAR
Job Description & How to Apply Below
Position: DLP (Data Loss Prevention) Platform Engineer

The DLP Platform Engineer is responsible for designing, implementing, and maturing enterprise Data Loss Prevention (DLP) and CASB controls across IDEXX’s collaboration and user platforms, including M365, Box, and endpoint/web exfiltration channels. This role ensures that DLP controls are deployed correctly, integrated across systems, and tuned for effectiveness and usability at scale, enabling measurable reduction in data loss and oversharing risk.

DLP

/ CASB Platform Implementation
  • Lead engineering for end-to-end implementation of the CASB/DLP solution across M365 (Exchange, SharePoint, One Drive, Teams) and Box (internal/external collaboration), including phased rollout and deployment readiness.
  • Establish a policy lifecycle and deployment approach (e.g., detect → educate/warn → block) aligned to business risk and adoption goals.
  • Implement core detection models for IDEXX-relevant data types (e.g., regulated data, customer data, financial data, IP) using built-in and custom classifiers/regex as appropriate.
  • Define and implement channel coverage for exfiltration paths (email, cloud sharing, web upload, removable media where applicable) in coordination with endpoint and browser controls.
Policy Design, Tuning & Effectiveness
  • Translate data classification and handling requirements into high‑confidence DLP policies that are actionable and enforceable across platforms.
  • Continuously tune policies to improve signal quality (reduce false positives, increase true positives) and minimize user friction.
  • Establish metrics and dashboards for control performance (alert volume, false positive rate, high‑confidence detections, and trend‑based risk reduction).
  • Partner with stakeholders to implement user‑facing controls (coaching, justification prompts, approvals) before enabling block actions broadly.
Integration & Operationalization with the SOC
  • Integrate DLP alerts and telemetry into the SOC toolchain (SIEM/Case management) to enable triage, investigation, and escalation workflows.
  • Develop and maintain DLP‑related detection logic, routing, and severity models so SOC investigations are consistent and efficient.
  • Support creation of playbooks for common scenarios (mass external sharing, mass download, suspicious upload, risky OAuth app activity where applicable), including evidence sources and response actions.
  • Establish a feedback loop with SOC and Data Security Operations to refine policies based on incident patterns and operational findings.
Cross-Functional Collaboration
  • Partner with the Data Security Program Lead to deliver roadmap milestones and ensure stakeholder alignment across IT, Data Engineering, and Security Operations.
  • Partner with the Data Security Architect to align DLP policy design to enterprise control patterns and data management standards.
  • Coordinate with End User Computing / M365 platform teams and Box administration to deploy controls safely and minimize disruption to business workflows.
Continuous Improvement & Expansion
  • Expand DLP coverage over time to additional channels and SaaS applications as prioritized by the Data Security roadmap and DSPM findings.
  • Identify automation opportunities for policy deployment, exception handling, and reporting to reduce operational overhead.
  • Continuously evaluate product capabilities and recommend improvements to increase protection coverage and reduce data loss risk.
What You Will Need To Succeed
  • 5‑7+ years of experience in security engineering, data protection, security operations engineering, or related fields.
  • Demonstrated experience implementing enterprise DLP/CASB solutions in complex environments. Hands‑on expertise with DLP/CASB technologies (e.g., Microsoft Purview/M365 DLP, Zscaler, Netskope, or comparable platforms).
  • Location:

    We are looking for someone driving distance to our Westbrook, Maine HQ for a flexible hybrid on‑site requirement of 8 days per month. Alternatively, we are open to those in NH or ME who can visit our HQ less often.
  • Strong understanding of common data exfiltration paths and user behavior patterns across email, collaboration, web, and endpoint channels.
  • Ability to implement and tune data classifiers (built‑in and custom), including…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary