Mastech Digital
Sr DLP Analytic Rule Developer
⭐ - Featured Role | Apply direct with Data Freelance Hub
This role is for a Sr DLP Analytic Rule Developer, contract length unspecified, with a pay rate of "unknown." It requires hands-on experience with Microsoft Purview, API integration, and DLP in regulated environments like PCI DSS and SOX. Remote work possible.
🌎 - Country
United States
💱 - Currency
$ USD
-
💰 - Day rate
Unknown
-
🗓️ - Date
March 19, 2026
🕒 - Duration
Unknown
-
🏝️ - Location
Unknown
-
📄 - Contract
Unknown
-
🔒 - Security
Unknown
-
📍 - Location detailed
Irving, TX
-
🧠 - Skills detailed
#Microsoft Power BI #API (Application Programming Interface) #Security #Cloud #Defender #SharePoint #Automation #BI (Business Intelligence) #Classification #PCI (Payment Card Industry) #SaaS (Software as a Service)
Role description
We are hiring a Senior DLP Analytic Rule Developer to build and mature our Microsoft Purview DLP program across a complex, multi-cloud retail enterprise. You will design, develop, and tune analytic rules that protect sensitive data thousands of endpoints, spanning Microsoft 365, endpoint DLP, SaaS applications, and structured cloud data.
This role sits within Security Engineering and focuses on building production-grade DLP policies from the ground up. You will own analytic logic, reduce false positives, and translate regulatory requirements into precise technical controls aligned to PCI DSS, SOX, and state privacy laws.
Key Responsibilities
• Design and deploy baseline production DLP policies across Copilot, Exchange Online, SharePoint, OneDrive, Teams, endpoint DLP, Defender for Cloud Apps, on-premises file shares, and SaaS platforms.
• Build and maintain custom sensitive information types, EDM classifiers, and trainable classifiers within Microsoft Purview.
• Develop advanced pattern matching and detection logic to minimize false positives while preserving coverage.
• Continuously tune policies based on alert telemetry, business workflows, and data usage patterns.
• Integrate DLP with Microsoft Defender and Insider Risk to improve detection context and risk scoring.
• Translate PCI DSS, SOX, and state privacy requirements into enforceable DLP controls.
• Build and formalize enterprise data classification taxonomy.
• Integrate Microsoft Purview DLP with adjacent security platforms using APIs and automation.
• Define and implement executive-level KPIs for DLP effectiveness.
• Build dashboards and reporting in Power BI or similar platforms.
Example of Expected Outcomes
• Deploy baseline production DLP policies across all Microsoft 365 workloads.
• Integrate DLP with Microsoft Defender to improve detection fidelity.
• Build enterprise data classification taxonomy aligned to regulatory requirements.
• Implement executive reporting with defined KPIs and operational metrics.
• Establish measurable reduction in false positives through tuning and classifier refinement.
Required Experience
• Hands-on experience building custom sensitive information types and EDM classifiers in Microsoft Purview.
• Experience developing and tuning trainable classifiers.
• Experience integrating DLP with Microsoft Defender, third-party apps.
• Experience with API integration and automation of security workflows.
• Experience building dashboards and metrics in Power BI or similar tools.
• Experience working in regulated environments including PCI DSS and SOX.
Preferred Qualifications
• Microsoft SC-400 certification.
• CISSP certification.
• Experience in retail or large distributed enterprise environments.
• Experience operating in multi-cloud environments.
We are hiring a Senior DLP Analytic Rule Developer to build and mature our Microsoft Purview DLP program across a complex, multi-cloud retail enterprise. You will design, develop, and tune analytic rules that protect sensitive data thousands of endpoints, spanning Microsoft 365, endpoint DLP, SaaS applications, and structured cloud data.
This role sits within Security Engineering and focuses on building production-grade DLP policies from the ground up. You will own analytic logic, reduce false positives, and translate regulatory requirements into precise technical controls aligned to PCI DSS, SOX, and state privacy laws.
Key Responsibilities
• Design and deploy baseline production DLP policies across Copilot, Exchange Online, SharePoint, OneDrive, Teams, endpoint DLP, Defender for Cloud Apps, on-premises file shares, and SaaS platforms.
• Build and maintain custom sensitive information types, EDM classifiers, and trainable classifiers within Microsoft Purview.
• Develop advanced pattern matching and detection logic to minimize false positives while preserving coverage.
• Continuously tune policies based on alert telemetry, business workflows, and data usage patterns.
• Integrate DLP with Microsoft Defender and Insider Risk to improve detection context and risk scoring.
• Translate PCI DSS, SOX, and state privacy requirements into enforceable DLP controls.
• Build and formalize enterprise data classification taxonomy.
• Integrate Microsoft Purview DLP with adjacent security platforms using APIs and automation.
• Define and implement executive-level KPIs for DLP effectiveness.
• Build dashboards and reporting in Power BI or similar platforms.
Example of Expected Outcomes
• Deploy baseline production DLP policies across all Microsoft 365 workloads.
• Integrate DLP with Microsoft Defender to improve detection fidelity.
• Build enterprise data classification taxonomy aligned to regulatory requirements.
• Implement executive reporting with defined KPIs and operational metrics.
• Establish measurable reduction in false positives through tuning and classifier refinement.
Required Experience
• Hands-on experience building custom sensitive information types and EDM classifiers in Microsoft Purview.
• Experience developing and tuning trainable classifiers.
• Experience integrating DLP with Microsoft Defender, third-party apps.
• Experience with API integration and automation of security workflows.
• Experience building dashboards and metrics in Power BI or similar tools.
• Experience working in regulated environments including PCI DSS and SOX.
Preferred Qualifications
• Microsoft SC-400 certification.
• CISSP certification.
• Experience in retail or large distributed enterprise environments.
• Experience operating in multi-cloud environments.
