Data Security Principal Architect

Job Title: Data Security Principal Architect

Location: Allentown PA (Lehigh Valley) OR Providence RI (Hybrid 3 Days Onsite per Week)

Duration: 12 months contract

Job Overview

The Data Security Principal Architect will serve as a strategic leader and technical expert within the cybersecurity organization responsible for designing and implementing enterprise-wide data protection frameworks. This role focuses on securing structured semi-structured and unstructured data across modern cloud platforms and AI-driven environments.

The ideal candidate will have strong expertise in Microsoft security tools data governance and AI/LLM security practices along with the ability to guide large-scale enterprise security initiatives.

Job Description

This role involves architecting and implementing robust data security solutions by integrating traditional Microsoft Information Protection tools with modern AI-centric data security approaches. The architect will work closely with cybersecurity data governance cloud operations and AI/ML teams to ensure end-to-end data protection compliance and risk mitigation across the organization.

The position requires hands-on experience with tools such as Azure Purview Microsoft Defender DLP solutions and Snowflake along with a strong background in data engineering and enterprise architecture.

Roles and Responsibilities

• Define and lead the enterprise data protection strategy across all data types (structured semi-structured unstructured).
• Align data security practices with regulatory and compliance requirements such as NERC SOX CCPA and GDPR.
• Architect and implement Azure Purview for data classification governance and insider risk management.
• Design and manage Data Loss Prevention (DLP) policies across endpoints cloud platforms email and collaboration tools (Microsoft 365 SharePoint).
• Lead the secure implementation of AI data pipelines including Retrieval-Augmented Generation (RAG) architectures and vector databases.
• Implement encryption strategies such as Transparent Data Encryption (TDE) and evaluate advanced methods like Fully Homomorphic Encryption (FHE) and Differential Privacy (DP).
• Develop and execute strategies for legacy data cleanup including de-duplication archiving migration and long-term retention optimization.
• Define Data Security Posture Management (DSPM) strategy and architecture.
• Establish data incident response protocols and security playbooks.
• Evaluate and integrate third-party tools for data discovery monitoring and tokenization.
• Provide architectural guidance and security best practices to product engineering and AI/ML teams.
• Develop threat models security patterns and governance frameworks.
• Collaborate with stakeholders to balance security usability and operational efficiency.

Required Qualifications and Certifications

• Bachelors degree in computer science Information Security or a related field (or equivalent experience).
• 10 years of experience in Information Security Data Security or Data Architecture roles.
• Strong hands-on experience with:
  • Azure Purview
  • Microsoft Defender
  • Data Loss Prevention (DLP) tools
  • Snowflake
• Experience working with data engineering teams or in data-driven environments.
• Knowledge of data protection in cloud platforms including Azure and data lakes (e.g. Azure Synapse).
• Strong understanding of cryptographic standards such as AES SHA and TLS.
• Familiarity with modern data security concepts including DSPM and AI/LLM security practices.
• Experience in highly regulated industries is preferred.
• Professional certifications preferred:
  • CISSP
  • SANS/GIAC
  • Microsoft Azure Security certifications
• Strong communication leadership and stakeholder management skills.
• Ability to assess and balance security risks with business and operational needs.