Information Security Engineer Sr - Data Loss Prevention (DLP)

About Us

Harris Health System is the public healthcare safety-net provider established in 1966 to serve the residents of Harris County, Texas. As an essential healthcare system, Harris Health champions better health for the entire community, with a focus on low-income uninsured and underinsured patients, through acute and primary care, wellness, disease management and population health services. Ben Taub Hospital (Level 1 Trauma Center) and Lyndon B. Johnson Hospital (Level 3 Trauma Center) anchor Harris Health's robust network of 39 clinics, health centers, specialty locations and virtual (telemedicine) technology. Harris Health is among an elite list of health systems in the U.S. achieving Magnet® nursing excellence designation for its hospitals, the prestigious National Committee for Quality Assurance designation for its patient-centered clinics and health centers and its strong partnership with nationally recognized physician faculty, residents and researchers from Baylor College of Medicine; McGovern Medical School at The University of Texas Health Science Center at Houston (UTHealth); The University of Texas MD Anderson Cancer Center; and the Tilman J. Fertitta Family College of Medicine at the University of Houston.

Job Profile

Job Summary:
The Senior Information Security Engineer supports the organizations cybersecurity efforts by assisting with security projects, access control, and continuous monitoring of the IT environment. This role plays a key part in incident response, auditing, and threat detection, while also maintaining up-to-date documentation and supporting compliance initiatives. The analyst collaborates across departments, resolves help desk tickets, and contributes to the development of a secure infrastructure. Through ongoing training and professional development, the analyst ensures alignment with evolving security standards and best practices.


Minimum Qualifications
Degrees / Work Experience / School Education:
Bachelors of Science in Information Technology or related field (And) Five (5) Years Work Experience related industry experience (clinical or business).
(Or)
High School Diploma or GED (And) Nine (9) Years Work Experience related industry experience (clinical or business).

Licenses & Certifications:
Security + (or) Cisco security certifications GIAC (or) CISSP upon hire or one of these must be obtained within 6 months of accepting position

Work Experience: Four (4) Years Work Experience in a security and compliance role. Ability to evaluate and review a range of information systems and applications to include' Windows, Unix, IBM, Cisco.

We are seeking an experienced Microsoft Purview DLP Engineer to design, implement, and manage our data loss prevention strategy. As a key member of the security team, you will be responsible for safeguarding sensitive information across the enterprise, including Microsoft 365 workloads (Exchange, SharePoint, OneDrive, Teams), endpoint devices, and cloud apps. You will collaborate with cross-functional teams to identify data risks, create, and refine DLP policies, and respond to incidents. The candidate should be able to work in a hybrid model and be ready to come to office when needed.

Key Responsibilities:
Typical duties may include:

Configuring & Managing DLP Solution
Develop, test, and deploy DLP policies and rules based on business, regulatory (HIPAA, PCI etc.), and compliance requirements.
Actively monitor the Microsoft Purview compliance portal for alerts and events. This involves investigating, triaging, and responding to DLP incidents, distinguishing between true positives and false positives.
Analyze, review, and fine-tune DLP rules to improve accuracy, reduce false positives, and minimize disruptions to legitimate business workflows.
Onboard and configure endpoint devices to prevent data loss (e.g., restricting data copying to USB drives, printing, or uploading to personal cloud storage) via Microsoft Intune or Defender for Endpoint.
Work with vendors to upgrade, patch, and maintain DLP infrastructure, including agent deployment and management consoles.
Understand LLMs and the importance of DLP to safeguard data from getting compromised.

Incident Response
Being able to respond to an incident in case sensitive data gets exfiltrated/ compromised.
Familiarity with IR processes pertaining to DLP, forensic techniques, and security event escalation workflows.

Insider Threat
Configure & maintain an Insider Threat framework in MS Purview.
Train and collaborate with the SOC team to monitor Insider Threat logs.


Required Qualifications & Skills:
Bachelor's degree in Cybersecurity/IT or equivalent experience.
2 - 4+ years of experience with DLP, ideally with MS Purview.
Hands on experience with M365 ecosystem.
SC-401 and/or SC-200 certified OR equivalent experience in MS Purview.
Strong analytical and communication skills.
Team-oriented with a positive and professional approach.

Preferred Qualifications:
Expertise in MS Purview especially with Data Loss Prevention (DLP), Information Protection, Sensitivity Labels, Insider Risk Management, Audit, and eDiscovery.
Entra ID (Azure AD) knowledge, Conditional Access, RBAC, MFA, PIM.
Familiarity with Microsoft Defender suite (Endpoint, Identity, Cloud Apps) and SIEM/SOAR platforms.
Understanding data classification, PII/PHI/PCI data, and common exfiltration methods (email, web, cloud).
Knowledge of GDPR, HIPAA, CCPA, PCI-DSS.
Strong analytical and communication skills.

Benefits & EEOC

Harris Health System's benefits program is designed to provide you with more flexibility and choices in meeting your specific needs. Harris Health System's benefits program allows you to protect your income in case of illness, death and disability, and to help you save for retirement.

It is the policy of Harris Health System to provide equal opportunity for all applicants for employment regardless of political affiliation, race, color, national origin, age, sex, religious creed or disability. Applicants may request any reasonable accommodation(s) to participate in the application process.

Job Category

Information Technology