Security Engineer Data Security

Manage and fine-tune Microsoft Purview DLP policies for endpoints, SharePoint, OneDrive & Teams. Investigate DLP alerts, coordinate incident response with stakeholders, and document outcomes.

Work closely with Legal, Risk, and Compliance teams to align DLP policies with regulatory and internal requirements (e.g., POPIA, GDPR, PCI‑DSS).

Tune policy exceptions and reduce false positives without compromising security.

Email Security (Microsoft Defender for Office): Administer and optimize anti‑phishing, anti‑malware, and anti‑spoofing policies.

Monitor mail flow, quarantine, and threat reports to detect patterns and enhance protection.

Configure Safe Links, Safe Attachments, and ATP policies.

Support investigations of email‑based threats and data leakage attempts.

Web Security (Forcepoint and DMARC): Maintain and support the Forcepoint Web Security environment, including URL filtering, content categorization, and user policies.

Investigate web‑based threat alerts and policy violations.

Assist in integration of web security controls with broader DLP and SIEM tools.

Provide guidance for policy tuning and user experience improvements.

Manage, maintain and support DMARC to ensure Email is protected against spoofing.

SSE / Cloud Access Controls (Cato Networks): Configure and monitor policies on Cato Networks' SSE platform for secure internet access and cloud app control.

Help define Zero Trust Network Access (ZTNA) policies for remote users and sensitive resources.

Review access logs, user behaviour, and cloud application usage for anomalies.

Coordinate with network and identity teams to streamline SSE enforcement.

Triage alerts across DLP, email, web, and SSE tools; elevate or respond as needed.

Provide weekly/monthly reports to leadership on data protection metrics, incident trends, and policy effectiveness.

Collaborate with SOC and Blue Teams on threat correlation and data security posture assessments.

Maintain documentation and support audit readiness.

Qualifications

Technical Skills: Strong hands‑on experience with Microsoft Purview DLP (E5). Proficient in Microsoft Defender for Office (email hygiene, ATP, threat management). Experience with Forcepoint Web Security policy design, deployment, and management. Working knowledge of Secure Service Edge (SSE) and ZTNA concepts; Cato Networks experience preferred. Familiarity with security incident workflows, SIEMs (e.g., Sentinel), and PowerShell scripting.

Experience: 5+ years in IT Security roles, with at least 2–3 focused on data security. Direct involvement in policy design, incident triage, and ongoing tuning of DLP / email / web tools.

Exposure: Regulated environments with compliance reporting (e.g., financial services).

Soft Skills: Detail‑driven with strong analytical skills. Clear communicator, especially when engaging end‑users on policy violations or tuning. Able to balance risk mitigation with operational practicality. Comfortable working across InfoSec, Infrastructure, Legal, and Business teams.

Preferred Certifications: Bachelor's Degree in Computer Science (advantageous). Microsoft Certified: Information Protection Administrator Associate (SC-). Microsoft Certified: Security Operations Analyst Associate (SC-). General security certifications (e.g., CompTIA Security+, CISM, CISSP) are a plus.