**Introduction** A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment **Your role and responsibilities** Role Summary We are looking for a highly technical and analytical Senior Data Protection Engineer to serve as the subject matter expert for our DLP and DAM platforms. You will be responsible for the end-to-end management of these systems—from strategy and deployment to monitoring, tuning, and incident response. Your work will directly protect our or customer most valuable data assets from internal and external threats, ensuring compliance with regulations. This is a hands-on role that requires deep technical knowledge of data security tools, a understanding of data flows, and a proactive approach to threat mitigation. Key Responsibilities DLP (Data Loss Prevention) Engineering: * Serve as the primary owner and administrator for the enterprise DLP platform Trellix. This include but not limited to Health check, update, capacity & available management. * Architect, deploy, and maintain DLP agents and policies across endpoints, network, and cloud (SaaS, IaaS) channels. * Perform data flow analysis (DFA) and develop and fine-tune DLP policies to accurately detect and prevent the exfiltration of sensitive data (e.g., PII, PCI, PHI, Intellectual Property) while minimizing false positives. * Investigate and respond to DLP alerts, leading the incident response process for potential data exfiltration events. * Integrate DLP with other security systems (SIEM, SOAR, Email Security) for automated ticketing and enriched investigation. * Reporting & Dashboarding along with DLP config management, policy changes & review DAM (Database Activity Monitoring) Engineering: * Manage the DAM solution platform (IBM Guardium) for administration & access management and monitor, capture, and analyze all database activity in near real-time. * Deploy and maintain DAM sensors and agents across diverse database environments (e.g., Oracle, SQL Server, MySQL, AWS RDS, Azure SQL). * Create and optimize DAM policies to alert (e.g. PII & financial data) on suspicious activities, privileged user misuse, and potential data breaches based on the MITRE ATT&CK framework. * Conduct forensic analysis on database events to support incident investigations and compliance audits. * Ensure the integrity and performance of the DAM infrastructure. * Monitoring Report creation, review & submission, Config management, Sharing audit logs during internal and external audits * Conduct data access reviews, anomaly detection, Database Risk review reporting * Daily/Weekly/Monthly schedule and on-demand out of box reporting * Interfacing with DBA team for testing and troubleshooting DAM controls Program Management & Optimization: * Continuously assess the effectiveness of DLP and DAM controls and recommend improvements. * Develop and maintain detailed documentation of architectures, policies, procedures, and workflows. * Stay current with emerging data security threats, technologies, and best practices. * Manage the lifecycle of the DLP and DAM tools, including vendor management, licensing, and upgrade planning. Collaboration & Compliance: * Work closely with the Internal teams to ensure DLP/DAM controls meet regulatory requirements. * Partner with IT, DevOps, and database administrators to ensure seamless deployment and minimize business disruption. * Mentor junior analysts and serve as an escalation point for complex data security incidents. * Generate and present metrics and reports on data protection program effectiveness to leadership. **Required technical and professional expertise** Required Qualifications & Experience * 5+ years of experience in cybersecurity, with at least 3 years of hands-on, dedicated experience managing both DLP and DAM platforms. * Proven experience in deploying, configuring, and tuning a major enterprise DLP solution. * Proven experience in deploying, configuring, and tuning a major DAM solution, including the management of sensors and database activity policies. * Strong understanding of data classification frameworks and regulatory requirements. * Good knowledge of database structures, SQL queries, and common database platforms. * Practical understanding of network protocols (HTTP/S, SMTP, FTP) and cloud application architectures (e.g., O365, Google Workspace, AWS, Azure). * Excellent analytical and problem-solving skills with the ability to investigate complex data security events. **Preferred technical and professional experience** Preferred Qualifications * Direct hands-on experience with one or more of the following: * DLP: Trellix (McAfee) DLP. * DAM: IBM Guardium * Relevant certifications such as: * Vendor-specific certifications (e.g., IBM Guardium Administrator, Trellix DLP). * Experience with scripting languages (Python, PowerShell) for automation and integration will have added advantage. * Familiarity with Data Security Posture Management (DSPM) concepts and tools. * Experience working in a regulated industry (Finance) will have added advantage. IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.