Insider Risk & Data Protection Engineer

Peraton

Insider Risk & Data Protection Engineer executing enterprise Data Loss Prevention program for government compliance. Collaborating cross-functionally to investigate insider risks and handle sensitive data incidents.

Posted 6/25/2026full-timeHome • Virginia • 🇺🇸 United StatesSeniorLead💰 $104,000 - $166,000 per yearWebsite

Tech Stack

Tools & technologies

CloudCyber SecurityPython

About the role

Key responsibilities & impact

Administer, tune, and expand coverage of the enterprise DLP platform(s) across endpoint, email, network, cloud, and SaaS channels
Build, test, and refine DLP policies, rules, classifications, and detection use cases aligned to insider risk scenarios and regulatory drivers
Triage DLP alerts, reduce false positives, and continuously improve alert fidelity and analyst workflow
Support onboarding of new data sources, business units, and telemetry feeds into the DLP and user activity monitoring stack
Document standard operating procedures, runbooks, and configuration baselines for the DLP program
Conduct digital activity reviews of user behavior, data movement, and endpoint activity
Produce concise written findings appropriate for HR, Legal, and security leadership audiences
Serve as a primary responder for data spills and suspected compromises involving CUI
Execute containment, eradication, and sanitization actions
Partner with the CSOC, IT Operations, Privacy, Legal, HR, and Program Security on cross-functional investigations and response actions
Provide periodic reporting on DLP, digital activity review, and data spill metrics to IRDP leadership.

Requirements

What you’ll need

8+ years of relevant experience with a Bachelor's degree in Cybersecurity, Information Systems, Intelligence, Criminal Justice, or related field
Minimum 5 years of combined experience across DLP administration, insider risk/user activity monitoring, digital forensics, or cybersecurity incident response
Minimum 3 years hands-on experience administering an enterprise DLP platform (e.g., Microsoft Purview, Symantec/Broadcom DLP, Forcepoint, Zscaler, Netskope, or equivalent), including policy authoring and tuning
Demonstrated experience conducting digital activity reviews or insider-risk investigations, including correlating data across endpoint, email, network, and cloud sources
Working knowledge of CUI handling requirements, DFARS 252.204-7012, and NIST SP 800-171
Basic proficiency with at least one scripting language (Python, PowerShell, KQL, SPL, or equivalent) for log analysis, automation, or data wrangling
Strong written and verbal communication skills, including the ability to translate technical findings into clear, audience-appropriate narratives for HR, Legal, and leadership
Strong attention to detail, sound judgment, discretion, and professional demeanor when handling sensitive matters
US Citizenship required
Ability to obtain a Top Secret security clearance
Ability to attend in-person meetings on occasion in Reston, VA.

Benefits

Comp & perks

Health insurance
401(k) matching
Paid time off
Professional development opportunities

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

DLP administrationdigital forensicscybersecurity incident responsepolicy authoringscripting (Python, PowerShell, KQL, SPL)data analysisalert triagedata classificationinsider risk monitoringdigital activity review

Soft Skills

written communicationverbal communicationattention to detailsound judgmentdiscretionprofessional demeanorcollaborationanalytical thinkingproblem-solvingreporting

Certifications

Bachelor's degree in CybersecurityTop Secret security clearance