Data Privacy Analyst

• • • • • • IMMEDIATE NEED • • • • • • • • • • • NO THIRDS PLEASE • • • • • • • • LOCAL HOUSTON CANDIDATES • • • Great opportunity for an experienced Data Privacy Analyst to work a 6 month plus contract for a manufacturing organization located around the IAH area of Houston. This is a 5 day a week on-site role. Position Summary We are seeking a skilled and motivated Data Loss Prevention (DLP) & Data Privacy Engineer to join our Information Security team. In this mid-level role, you will be responsible for designing, implementing, and maintaining enterprise DLP solutions and data privacy frameworks to protect sensitive organizational and customer data. You will work cross-functionally with IT, Legal, Compliance, and business stakeholders to ensure data handling practices align with regulatory requirements and corporate security policies. Key Responsibilities DLP Program Management • Design, deploy, configure, and tune DLP policies across endpoints, networks, email, and cloud environments (Microsoft Purview, Symantec DLP, Forcepoint, or equivalent) • Monitor DLP alerts, investigate policy violations, and coordinate remediation with data owners and business units • Develop and maintain DLP rule sets, data classifiers, and content inspection policies tailored to organizational risk tolerance • Perform regular DLP policy reviews and effectiveness assessments, report metrics to security leadership Data Privacy & Compliance • Support the implementation and maintenance of data privacy programs aligned with GDPR, CCPA/CPRA, HIPAA, and other applicable regulations • Conduct data mapping, data flow analysis, and records of processing activities (RoPA) to identify sensitive data repositories • Assist with Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new projects and systems • Collaborate with Legal and Compliance teams to respond to data subject access requests (DSARs) and privacy incidents Technical Implementation & Integration • Integrate DLP tools with SIEM platforms (Splunk, Microsoft Sentinel) and SOAR solutions for automated incident response workflows • Configure and manage data classification solutions (Microsoft Information Protection, Varonis, or similar) to enforce sensitivity labeling • Support cloud DLP implementations across SaaS, IaaS, and PaaS environments including Microsoft 365, Google Workspace, AWS, and Azure • Develop scripts and automation (Python, PowerShell) to enhance DLP workflows and reporting capabilities Stakeholder Collaboration & Training • Provide guidance and advisory support to IT teams, developers, and business units on secure data handling practices • Develop and deliver data privacy and DLP awareness training materials for employees • Participate in security incident response activities related to data exfiltration and unauthorized disclosure events • Document policies, procedures, runbooks, and technical configurations related to the DLP and privacy program Required Qualifications Education • Bachelor’s degree in computer science, Information Security, Information Systems, or a related technical field; or equivalent practical experience Experience • 3–5 years of hands-on experience in information security with a focus on DLP, data classification, or data privacy engineering • Demonstrated experience configuring and managing enterprise DLP platforms such as Microsoft Purview, Symantec DLP, McAfee Total Protection, or Forcepoint DLP • Experience implementing or supporting data privacy programs under one or more regulatory frameworks (GDPR, CCPA/CPRA, HIPAA, PCI-DSS) • Proficiency in data classification tooling and sensitivity label governance (Microsoft Information Protection preferred) • Familiarity with cloud security controls and DLP capabilities in Microsoft 365, Azure, AWS, or Google Cloud Platform • Working knowledge of scripting languages (Python, PowerShell, or Bash) for automation and log analysis • Experience with SIEM platforms and the ability to write correlation rules related to data exfiltration indicators Preferred Qualifications • Experience with CASB solutions (Microsoft Defender for Cloud Apps, Netskope, or Zscaler) to extend DLP controls to cloud applications • Familiarity with zero trust architecture principles and their application to data security • Knowledge of data tokenization, encryption, and masking techniques • Experience supporting or leading Privacy Impact Assessments and coordinating with external auditors or regulators • Background in endpoint DLP and removable media control policies • Exposure to eDiscovery, legal hold processes, or forensic investigations involving sensitive data CompTIA Security+ is a requirement. CIPP a HUGE PLUS!!!!