We are looking for a Data Security Engineering Specialist to define, implement, govern, and strengthen our data protection capabilities across our multi-cloud platform, supporting critical business operations. In this role, you will focus on data security with deep technical background in data security capabilities such as DLP, encryption, data governance, DSPM, etc.
The ideal candidate brings a hands-on technical expertise for data security and will partner with the platform engineering, data governance, workplace and other teams to develop and implement resilient data secure posture. You will ensure compliance with industry regulations, safeguard critical data and enable secure integration across diverse business environments. You will play a key role in shaping bp's data security agenda and in building a culture of data stewardship and protection.
What you will deliver
- Improve and maintain enterprise data security standards and frameworks covering Data Loss Prevention (DLP), data classification, encryption, data retention, data access governance, and monitoring.
- Work with security architects and platform teams to ensure secure-by-default configurations and data handling practices.
- Maintain baselines for data protection tools and technologies across structured and unstructured data.
- Monitor compliance with security standards and policies across business units and platforms; report gaps and recommend remediation strategies.
- Build data security metrics, KPIs, and dashboards to track compliance, maturity, and risk exposure.
- Bring data security innovation to stay ahead of evolving threats, technologies, regulations (e.g., GDPR, HIPAA, CCPA), and industry standards (e.g., NIST, ISO 27001).
- Collaborate across engineering, compliance, privacy, and risk teams to embed data protection principles into business and technical strategies.
- Perform security reviews, identify gaps, and drive continuous improvement in data protection practices across the multi-cloud environment.
What you will need to be successful (experience and qualifications)
- 7+ years of experience in cybersecurity, with at least 5 years specifically in Data Security, including areas such as DLP, data lifecycle governance, privacy engineering, or data classification and handling.
- Strong hands-on expertise with DLP tools (e.g., Microsoft Purview/Zscaler), data security monitoring platforms, and data access governance solutions.
- Deep understanding of the data lifecycle (create, store, use, share, archive, delete) and associated security risks and controls.
- Familiarity with cloud-native data services and how to apply data security controls across AWS, Azure, and hybrid environments.
- Ability to read and write code/scripts to support automation or compliance tooling (e.g., Python, PowerShell, JSON/YAML for IaC).
- Good communication, collaboration and stakeholder engagement skills.
