Security Engineer Insider threat DAP

The Security Engineer Insider Threat & Data Protection (DLP) is responsible for implementing managing and enhancing data protection and insider threat detection technologies that safeguard Mattels global enterprise. This role focuses on the design deployment and optimization of DLP solutions and insider threat monitoring tools to prevent data misuse and unauthorized access to sensitive information. The ideal candidate combines technical expertise with analytical and investigative skills to detect respond to and mitigate insider risks while maintaining trust privacy and compliance across the organization. 

Roles and Responsibilities 

• Implement and manage enterprise Data Loss Prevention (DLP) and insider threat detection platforms across Mattels global environments. 

• Develop refine and maintain DLP and insider threat policies rulesets and controls to detect and prevent data exfiltration or misuse. 

• Integrate DLP and insider threat systems with identity management SIEM and cloud security tools to enhance correlation and visibility. 

• Collaborate with Legal HR and Compliance teams to ensure monitoring aligns with ethical privacy and regulatory requirements. 

• Analyze user activity and alerts to identify abnormal or risky behaviors indicative of potential insider threats. 

• Investigate incidents related to data misuse exfiltration or leakage ensuring accurate documentation and timely escalation. 

• Develop dashboards and performance metrics to measure data protection efficacy and program maturity. 

• Collaborate with IT Infrastructure and Security Operations teams to enable secure collaboration and data exchange across enterprise systems. 

• Maintain up-to-date documentation playbooks and standard operating procedures (SOPs) for DLP operations and insider threat response.  

• Evaluate new data protection and user behavior analytics tools to strengthen detection prevention and automation capabilities. 

• Ensure DLP systems and insider threat tools are maintained within defined SLAs and operational best practices.  

• Participate in incident reviews lessons-learned sessions and continuous improvement initiatives to enhance data security posture.  

• Stay informed on evolving data protection regulations frameworks and technologies to align enterprise controls with industry standards. 

Skills and Qualifications 

Required: 

• 35 years of experience in security engineering data protection or insider threat monitoring within enterprise environments. 

• Hands-on experience managing Data Loss Prevention (DLP) and insider threat detection platforms across endpoints email cloud and network layers. 

• Strong understanding of data classification data handling policies and access control methodologies. 

• Knowledge of endpoint network and cloud DLP technologies and their integration within enterprise systems. 

• Experience analyzing user activity and data movement to identify anomalous or suspicious behavior. 

• Familiarity with data protection regulations including GDPR CCPA and global privacy are the best practices. 

• Proficiency in scripting and automation (Python PowerShell or similar) for tuning policies and managing alerts. 

• Ability to collaborate across Legal HR Compliance and IT functions to align insider threat activities with organizational priorities. 

• Excellent analytical problem-solving and communication skills with a strong investigative mindset. 

• Adaptable and detail-oriented with the ability to manage sensitive investigations discreetly in a fast-paced global environment. 

Preferred: 

• Bachelors degree in Cybersecurity Computer Science Information Systems or a related field (or equivalent experience). 

• Certifications such as GCITP CCITP CDPSE or other data protection and insider threat credentials. 

• Experience with CASB solutions cloud data protection tools Microsoft 365 and Google Workspace DLP modules. 

• Understanding of the MITRE ATT&CK framework for insider threat and data exfiltration use cases. 

• Experience automating DLP reporting and integrating user behavior analytics for enhanced visibility. 

• Knowledge of forensics processes for investigating insider-driven incidents and data breaches. 

Remote Work :

No

Employment Type :

Full-time