Network Data Loss Prevention; DLP Administrator

Position: Network Data Loss Prevention (DLP) Administrator
CHAOS Industries is redefining modern defense with a multi-product portfolio that gives the ultimate advantage-domain dominance. The company's products are powered by Coherent Distributed Networks (CDN™), empowering warfighters, commercial air operators, and border protection teams to act faster, adapt rapidly, and stay ahead of evolving threats.

CHAOS Industries was founded in 2022 and has raised a total of $1 billion in funding from leading investors, including 8VC, Accel, and Valor Equity Partners. The company is headquartered in Los Angeles, with offices in Washington, D.C., San Francisco, San Diego, Seattle, and London. For more information, please visit

Role Overview:

CHAOS Industries is hiring a Network DLP Administrator to own the design, implementation, and day-to-day operation of our Data Loss Prevention program across classified and unclassified network environments. This is a hands-on technical role at the core of our data protection strategy; you'll configure and tune DLP policies, monitor for sensitive data exfiltration, investigate incidents, and ensure our most critical information never ends up where it shouldn't.

You'll work closely with the ISSM, network engineers, and program security teams to enforce data handling requirements across a complex, multi-domain enterprise.

• You'll sit within the Cybersecurity Division, embedded alongside ISSOs, network engineers, and incident responders; operating as the subject matter expert when it comes to what's moving across our networks and whether it should be. Data tries to leave; you stop it. It's that straightforward, and that important.

• From day one you'll own the DLP toolset configuration, lead the tuning effort to reduce false positives without creating blind spots, and build out the policy framework that governs CUI, classified, and proprietary data across every segment of our network. This role has full ownership of the DLP lifecycle; from policy to investigation to closure.

Responsibilities:

• Administer, configure, and tune enterprise DLP solutions (e.g., Crowdstrike, Zscaler, Microsoft Purview, or equivalent) across network, endpoint, and cloud vectors to detect and prevent unauthorized transmission of sensitive data.
• Develop, implement, and maintain DLP policies governing CUI, classified information, PII, proprietary data, and export-controlled technical data (ITAR/EAR) in accordance with program security requirements and government regulations.
• Monitor DLP alerts and dashboards on a continuous basis; triage, investigate, and escalate incidents per established procedures; document findings and remediation actions to closure.
• Collaborate with ISSMs, ISSOs, and network security engineers to ensure DLP policies align with system authorization boundaries, classification requirements, and data handling SOPs.
• Conduct regular DLP policy reviews and effectiveness assessments; analyze false positive/negative rates and recommend tuning actions to maintain operational accuracy without degrading mission capability.
• Support incident response activities involving suspected data exfiltration or policy violations; preserve evidence, prepare incident reports, and coordinate with program security and legal teams as required.
• Maintain DLP system health including software updates, licensing, log integration with SIEM, and coordination with IT infrastructure teams for network-layer inspection (proxy, SSL inspection, mail gateway).
• Develop and deliver user awareness content and security reminders related to data handling policies; support periodic training on CUI, PII, and proprietary data protection requirements.
• Produce recurring metrics, trend reports, and executive-level summaries of DLP program performance; support annual self-inspections and government audit activities.
• Travel up to 10% CONUS to support program site DLP implementations, security reviews, and government customer engagements.

Minimum Requirements:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent combination of education and experience considered.
• 5-8 years of experience in cybersecurity, network security, or information assurance, with a minimum of 2-3 years of hands-on DLP administration or data protection engineering experience.
• Demonstrated experience configuring, tuning, and managing an enterprise DLP platform (Forcepoint, Symantec DLP, Microsoft Purview, Trellix, or equivalent) in a production environment.
• Working knowledge of data classification frameworks, CUI categories, PII handling requirements, and ITAR/EAR export control regulations as they apply to network data flows.
• Familiarity with network security architecture including proxies, mail gateways, SSL/TLS inspection, and network packet capture/analysis tools (Wireshark, tcpdump, or equivalent).
• Experience with SIEM platforms (Splunk, Arc Sight, or equivalent) for DLP log integration, correlation rule development, and alert triage.
• Active Secret clearance required at time of hire. TS/SCI…