Job Title: Data Loss Prevention (DLP) Security Engineer

Location: Remote

Clearance Required: Active Secret or Top-Secret

Salary Range: $140K-$180K Based on Experience

Application Deadline: July 7, 2026

Certification Required: CySA+ and SC-401 or Forcepoint Certified DLP Administrator (FCDA)

Description:

We are seeking a Cybersecurity Engineer to provide engineering and operational support for the agency's enterprise Data Loss Prevention (DLP) and File Content Analysis (FCA) program. This role will support the continued enhancement and sustainment of the agency's Microsoft 365 Purview implementation and the parallel deployment of Forcepoint DLP technologies for endpoint and network data protection outside the M365 environment. The engineer will be responsible for DLP policy development, data classification and monitoring, FCA integration, incident analysis, tuning and optimization of detection capabilities, and ensuring compliance with federal cybersecurity and data protection requirements across enterprise systems and cloud environments.

Required Skills & Experience:

- 7 plus years of relevant IT experience

- Experience implementing modern security solutions in enterprise environments

- Microsoft Purview enterprise DLP deployment experience: policy authoring, sensitive information type design, DLP rule tuning across M365, OneDrive, SharePoint Online, and Teams.

- Forcepoint DLP enterprise deployment experience: endpoint DLP, network DLP, fingerprinting, incident workflow.

- Experience operating in M365 GCC High and/or Azure IL4+ environments

- RMF / ATO documentation experience for DLP solutions, particularly cloud-based with DoD reciprocity

- Tier 3 enterprise support experience (24x7x365 on-call rotation)

- Demonstrated record of DLP rule tuning that reduced false positive rates

- Experience with DISA STIGs as applied to DLP infrastructure

- PowerShell / Microsoft Graph API automation for DLP policy management

Certifications Required:

• One of the following: DoD 8570.01 IAT Level II baseline certification (Security+ CE, CCNA-Security, CySA+, GICSP, GSEC, SSCP, or CND)

• One of the following: CNDSP-IS certification (CEH, CFR, CCNA-Cyber Ops, CHFI, CySA+, GCIA, GCIH, or SCYBER)

and

• Forcepoint Certified DLP Administrator (FCDA) certification preferred or "DLP Administrator" certification Preferred

or

• Microsoft SC-401 (Information Protection Administrator) certification preferred.

About S2i2

S2i2 is a growing company with a supportive and inclusive culture and many opportunities for professional development and growth. We have created a supportive, family-like work environment where contributions are recognized. Regular company updates and open lines of communication with leadership fosters collaboration within the company.

We are proud to include:

• Support to achieve professional certifications and degrees

• Leadership that is accessible to all employees

• Regular company updates

• Client networking social engagements

• Monthly team-building activities (past examples: Top Golf)

• Supporting our community - including veterans

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information.