Data Protection Engineer
Republic Services
full-time
Posted on:
Location Type: Remote
Location: United States
Visit company websiteExplore more
Tech Stack
About the role
- Lead the execution of enterprise‑wide data discovery & classification for both unstructured data (files, email, collaboration platforms, endpoints, SaaS) and structured data (databases, data warehouses, analytics and AI platforms).
- Lead data protection controls for Generative AI platforms (e.g., Microsoft Copilot, enterprise chat, custom LLM solutions) to prevent unintended data disclosure and misuse.
- Implement safeguards to ensure only appropriately classified and authorized data is available for AI prompts, responses, training, or retrieval‑augmented generation (RAG).
- Identify and mitigate data overexposure risks, including: excessive permissions and oversharing in collaboration platforms, public or broadly accessible cloud storage, file servers and databases, sensitive data leakage through prompts or outputs, autonomous or agentic workflows acting beyond approved scope, and shadow AI and unsanctioned model usage.
- Support data lifecycle governance, including retention, archival, legal hold, and secure disposal for both human and AI‑accessible data.
- Drafts configuration manuals, operating procedures, reports, and system hardening guidelines.
- Provides guidance in the application and reporting of data protection technology performance metrics.
- Establish and maintain continuous data mapping and inventory to understand where sensitive data resides, how it is accessed, and how it flows across systems and integrations.
- Partner with cross-functional teams—including IT, Compliance, HR, and Legal—to ensure adherence to data protection standards.
- Performs other job-related duties as assigned or apparent.
Requirements
- 5+ years of experience in Information Security, Data Protection or Security Engineering roles.
- Prior experience implementing or operating technology within at least three of the following: Data Access Governance, Data Classification, Data Discovery, Data Encryption, Data Loss Prevention.
- Hands-on expertise with data classification and labeling technologies, including rule-based, pattern-based, and machine-learning–driven classification for sensitive data types.
- Awareness of AI-related risks (e.g., data leakage in prompts, model training exposure, shadow AI usage) and the ability to help enforce safeguards and acceptable use standards.
- Familiarity with Data Security Posture Management (DSPM) or data access governance tools (e.g., Varonis, BigID, OneTrust, Microsoft Purview, Symmetry, Wiz, Lacework, or similar).
- Experience reducing data risk through policy automation, bulk remediation workflows, and continuous monitoring.
- Knowledge of data lifecycle management, including retention, archival, legal hold, and secure disposal practices.
- Relevant certifications such as CISSP, CISM, GSEC, Security+ or equivalent are highly desirable.
- Exposure to privacy engineering concepts, including data minimization, purpose limitation, and least‑privilege access.
- Strong understanding of industry frameworks such as CIS and NIST.
- Excellent written and verbal communication skills.
Benefits
- Comprehensive medical benefits coverage.
- Dental plans and vision coverage.
- Health care and dependent care spending accounts.
- Short- and long-term disability.
- Life insurance and accidental death & dismemberment insurance.
- Employee and Family Assistance Program (EAP).
- Employee discount programs.
- Retirement plan with a generous company match.
- Employee Stock Purchase Plan (ESPP).
- Paid Time Off (PTO)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
data discoverydata classificationdata protectiondata encryptiondata loss preventiondata lifecycle managementpolicy automationcontinuous monitoringmachine learningdata mapping
Soft Skills
communicationcollaborationguidancerisk mitigationcross-functional teamwork
Certifications
CISSPCISMGSECSecurity+