Job#: 3015181

Job Description:

Our great client has an immediate opening for a Cybersecurity Engineer. If you are interested please apply with resume to [email protected].

We’re seeking a senior cybersecurity engineer to design, build, and operationalize enterprise grade‑ data protection capabilities anchored in Microsoft E5. You will lead engineering for Microsoft Purview (Information Protection & DLP, eDiscovery/Audit), Sensitivity Labels, and related guardrails—integrating telemetry and enforcement through Zscaler, CrowdStrike, and Splunk. This role bridges secure-by-default platform engineering with pragmatic automation to protect regulated data (e.g., PHI/PII) at scale. Senior leadership has prioritized accelerating Copilot and E5 controls adoption, creating a high impact‑ opportunity to shape how we protect data across SaaS and AI workloads.

What You’ll Do

Engineer secure-by-default E5 data protection

• Design and implement Microsoft Purview DLP policies (endpoint, Exchange, SharePoint, OneDrive, Teams) and Sensitivity Label taxonomy with automated enforcement paths.
• Build policy-as-code pipelines (CI/CD) to version, test, and deploy DLP rules, label configs, and governance artifacts in multiple environments.

Integrate Zscaler, CrowdStrike, and Splunk

• Connect Zscaler SSE inspection with Purview controls; route events to Splunk for analytics, dashboards, and detections that close visibility and enforcement loops.
• Leverage CrowdStrike telemetry (e.g., Falcon/Shield) to correlate endpoint behaviors with data movement signals for insider‑risk and exfiltration use cases.

Build automations & guardrails

• Develop services and workflows (e.g., Azure Functions, Logic Apps, Graph API) to auto‑remediate mislabels, revoke risky shares, and notify data owners.
• Implement secure-by-default configuration baselines and drift detection for E5 security controls (MCAS/Defender for Cloud Apps, Conditional Access, etc.).

Operate and continuously improve

• Own reliability for data protection pipelines: SLIs/SLOs, runbooks, and incident playbooks in partnership with Insider Risk team.
• Create Splunk content (data models, dashboards, correlation searches) aligned to exfiltration, anomalous access, and label violations.
• Partner with Privacy and Compliance for audit‑ready controls (eDiscovery/Audit), evidence, and exception processes.

Collaborate across security & platform teams

• Work with PSO, IAM, and Insider Risk to align label taxonomy and enforcement with business workflows and least‑privilege access.
• Provide technical leadership and mentoring for engineers/analysts rolling out new E5 features and operational support.

Required Qualifications

• 5+ years engineering experience in enterprise security or platform engineering; hands-on‑ with Microsoft E5 security stack (Purview DLP, Information Protection, eDiscovery).
• Proven expertise building policy‑as‑code for DLP/labels (GitHub/Azure DevOps), and automating Graph/PowerShell administration.
• Demonstrated ability to design secure-by-default guardrails and support rapid SaaS/AI adoption (including Copilot) without compromising compliance.

Nice to Have

• Strong background in data protection for regulated data (PII/PHI), insider‑risk detection, and evidence‑driven investigations.
• Production experience with Zscaler (SSE/ZIA/ZPA), CrowdStrike (Falcon APIs/telemetry), and Splunk (TA configs, CIM, correlation searches).
• Experience migrating from legacy DLP (e.g., Forcepoint) to Microsoft DLP; building vendor‑neutral dictionaries and detection logic.
• Familiarity with MCAS/Defender for Cloud Apps, conditional access policies, and SSPM evaluations.
• Background in HIPAA/PHI audit support and exception governance workflows.

Success Metrics (first 6–12 months)

• DLP policy efficacy: reduction in unauthorized shares/exports; mean time to remediate violations.
• Label coverage & accuracy: % of sensitive content labeled; false positive/negative rate trends.
• Telemetry integration: end-to-end event flow (Purview → Zscaler/CrowdStrike → Splunk) with actionable detections.
• Secure-by-default adoption: # of guardrails implemented; drift detected/resolved; Copilot controls baselined.
• Audit readiness: evidence completeness for eDiscovery/Audit; exception closure rates.

Tools & Technologies (primary)

• Microsoft E5 / Purview: Information Protection, DLP, eDiscovery/Audit, Insider Risk
• Zscaler (SSE/ZIA/ZPA), CrowdStrike (Falcon/Shield), Splunk (CIM, ES)
• Automation: GitHub, Graph API, PowerShell, Azure Functions/Logic Apps
• Data flows: Exchange/SharePoint/OneDrive/Slack, endpoints, web proxies, CASB/SSE

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178.

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Apex team member can provide.