Hybrid - Data Protection Security Engineer - Netskope Lead

Job description In this role, you'll own the end-to-end deployment, configuration, and operational health of the Netskope environment while driving enterprise-wide DLP initiatives and zero-trust access strategies. You'll partner closely with cross-functional teams to develop scalable security policies, strengthen cloud and web security controls, and protect sensitive organizational data. The ideal candidate brings deep hands-on Netskope expertise, strong cloud and network security knowledge, and experience building and managing DLP programs within complex enterprise environments. As a Data Protection Security Engineer Netskope Lead, you'll: Lead the deployment, configuration, and ongoing administration of Netskope NG SWG and NPA platforms across the enterprise environment. Design and maintain security controls, including SSL/TLS inspection, URL filtering, cloud application controls, threat protection profiles, and traffic steering policies. Develop and implement zero-trust access strategies by configuring application segmentation, least-privilege access policies, and private application onboarding within Netskope NPA. Integrate Netskope with identity and access management platforms such as Okta, Azure AD, SAML, and SCIM for user-based policy enforcement. Manage Netskope client deployment and coordinate endpoint integrations with IT and endpoint engineering teams. Establish and maintain logging, monitoring, alerting, and reporting integrations with SIEM and security operations platforms. Develop and maintain enterprise DLP policies protecting sensitive data types, including PII, PHI, PCI, intellectual property, and other confidential information. Conduct DLP policy testing, tuning, and validation activities to improve detection accuracy and minimize false positives. Investigate and respond to DLP alerts, security events, and policy violations while supporting incident escalation processes. Partner cross-functionally with Legal, Compliance, Data Governance, Security, and Infrastructure teams to align policies with organizational security and regulatory requirements. Create and maintain architecture documentation, operational runbooks, and security procedures while providing guidance to junior engineers and operational teams. Serve as the subject matter expert for Netskope platforms, cloud security controls, and enterprise DLP strategy. Ideal candidate profile

Preferred Qualifications:

Netskope One Professional or equivalent Netskope certification Experience integrating Netskope with

SIEM/SOAR

platforms (Splunk, Microsoft Sentinel, etc.) Background in endpoint security, SASE architecture, or broader SSE framework implementation Experience with scripting or automation (Python, PowerShell) for policy management or log analysis Familiarity with additional DLP tools or platforms beyond

Netskope Preferred Certifications:

CISSP, CCSP

(ISC ), CISM or equivalent security certification CompTIA Security+ or Network+

Required Qualifications:

8+ years of experience in network security, cloud security, or information security engineering 2+ years of hands-on experience deploying and managing Netskope NG SWG and/or NPA in an enterprise environment Demonstrated experience developing and managing DLP policies, including policy design, testing, and tuning Strong understanding of zero-trust network access (ZTNA) concepts and architectures Proficiency with SSL/TLS inspection, proxy architectures, and cloud access security broker (CASB) functionality Working knowledge of identity and access management platforms (Okta, Azure

AD, SAML, SCIM

) Familiarity with regulatory frameworks relevant to DLP (HIPAA, PCI-DSS, GDPR, CCPA, etc.) Strong analytical and troubleshooting skills with the ability to work through complex network and policy issues

Education:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field - or equivalent hands-on experience in lieu of a degree