Lead, Infrastructure Security Engineer - CASB and DSPM

Job Classification

Technology - Engineering & Cloud

Build capabilities that enable the organization with innovation, speed, agility, scalability, and efficiency. The Global Technology team takes great pride in a culture where digital transformation is built into its DNA.

• Design and implement enterprise-wide data security solutions leveraging CASB, DSPM, and Microsoft 365 security capabilities, preferably with Z Scaler.
• Develop secure architectures for SaaS, IaaS, and PaaS environments with a focus on data visibility and protection.
• Deploy, configure, and optimize CASB solutions to enforce security policies across cloud applications (introspection, shadow IT discovery).
• Monitor user activity, detect anomalies, and prevent data exfiltration.
• Integrate CASB with identity providers (e.g., Entra / Azure AD) and SIEM/SOAR platforms (e.g., Splunk).
• Lead the implementation and operationalization of DSPM tools to discover, classify, and monitor sensitive data across environments.
• Establish data classification frameworks and automate data risk assessments.
• Integrate Microsoft CoPilot and Z Scaler or similar CASB / DSPM products.
• Administer Microsoft 365 security controls, including sensitivity labels, identity risk management, Microsoft Defender for Cloud Apps, and secure Exchange, SharePoint, One Drive, and Teams environments.
• Investigate security alerts related to data access, sharing, and exfiltration; collaborate with SOC and Incident Response teams to remediate threats; develop detection rules and automated response workflows.
• Ensure alignment with regulatory frameworks (e.g., GDPR, HIPAA, CCPA); support audits and compliance reporting; define and enforce data governance policies and standards.

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 7+ years of cybersecurity experience with a strong focus on data security.
• Hands‑on experience with CASB solutions (e.g., Z Scaler, Microsoft Defender for Cloud Apps).
• Proven experience implementing and managing DSPM tools and frameworks.
• Deep expertise in Microsoft 365 security and compliance features.
• Strong understanding of cloud platforms (Azure / AWS preferred).
• Experience with DLP, data classification, encryption, and access controls.
• Familiarity with SIEM/SOAR tools (e.g., Sentinel, Splunk).
• Knowledge of identity and access management (IAM), including Zero Trust principles.
• Preferred:
  Knowledge of automation and scripting (Power Shell, Python), API integrations, work in highly regulated industries.
• Relevant certifications (e.g., CISSP, CCSP, Microsoft Security certifications).

Prudential is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender identity, genetics, disability, marital status, age, veteran status, domestic partner status, medical condition or any other characteristic protected by law.