Senior Engineer, Data Protection & AI Security

Bain Capital Overview:

With approximately $215 billion of assets under management Bain Capital is one of the worlds leading private investment firms. We create lasting impact for our investors teams businesses and the communities in which we live. Over four decades we have strategically grown our platform to focus on Private Equity Growth & Venture Capital Solutions Credit and Real Assets. Today our team includes 1985 employees in 24 offices on four continents.

We partner differently to help people and companies embrace possibility and realize potential. Founded as a private partnership in 1984 we have fostered a culture of innovation entrepreneurialism and agility empowering our people to define and own their career trajectories. Today our partnership approach enables us to pursue strategic growth build enduring relationships with a robust external network and collaborate across our integrated platform to connect the deep and diverse expertise that unlocks breakthrough insights.

Our people are the heart of our advantage. Colleagues at all levels have a seat at the table as they tackle business challenges with a principal investor mindset. By asking incisive questions respectfully challenging one another and remaining intellectually agile we work together to achieve exceptional outcomes.

For more information visit: Bain Capital

Position Overview

Bain Capitals Information Security team is seeking a Senior Engineer Data Protection & AI Security to own and advance the firms data security posture and AI security capabilities. This is a hands-on engineering role responsible for deploying operationalizing and maturing the platforms and processes that protect the firms most sensitive dataacross cloud environments SaaS applications databases and AI workflows.

The ideal candidate combines deep technical expertise in data security platforms (DSPM DLP data classification) with a forward-looking understanding of how AI adoption introduces new data risks. This person will work closely with Security Engineering Cloud Operations the Data Science team and platform owners to build a cohesive data protection programone that addresses both traditional data governance gaps and the emerging challenge of securing enterprise AI tools and workflows.

This is not a monitoring or compliance role. This is an engineering role for someone who builds things owns outcomes and can operate independently in a fast-moving environment with a growing security platform portfolio.

Key Responsibilities

Data Security Posture Management

• Own the end-to-end deployment configuration and operationalization of the firms DSPM platform including onboarding data sources across public cloud environments cloud data warehouses SQL databases and network file shares
• Triage and prioritize DSPM findings coordinate remediation with data owners and infrastructure teams and build reporting workflows that translate discovery results into actionable risk reduction
• Rationalize DSPM capabilities across the security tool portfolio to eliminate overlap between cloud-native application protection DSPM and endpoint-based data security platforms
• Partner with Cloud Operations and application teams to navigate technical integration challenges including IAM permissions network connectivity and change management processes

Data Classification & Governance

• Design and implement a data classification framework that establishes sensitivity levels ownership models and handling requirements for the firms data
• Develop and maintain data classification policies that inform downstream controls across DLP DSPM access governance and backup immutability
• Serve as the security teams subject matter expert on data governance partnering with Compliance and business stakeholders to align classification efforts with regulatory and operational requirements

AI Security

• Evaluate deploy and manage AI security monitoring tools to provide visibility into sanctioned and unsanctioned AI usage across the enterprise
• Develop detection capabilities for sensitive data exposure through GenAI workflows including monitoring for data leakage via AI prompts outputs and integrations with enterprise tools
• Establish and maintain an AI governance operating model in coordination with the CISO and the Data Science team including sanctioned tool inventories acceptable use guardrails and risk-based approval workflows for new AI applications
• Stay current on evolving AI security frameworks (OWASP LLM Top 10 NIST AI RMF MITRE ATLAS) and translate emerging threats into practical defensive measures for the firm

Data Loss Prevention & Insider Threat

• Manage and enhance the firms DLP and insider threat platforms to prevent unauthorized data movement across endpoints cloud applications and email
• Develop and tune DLP policies informed by DSPM discovery and data classification outputs ensuring controls are risk-proportionate and operationally sustainable
• Partner with Security Operations to integrate data protection alerts into the firms SOAR platform for automated triage and response workflows

TECHNOLOGY EXPERIENCE

• Hands-on experience deploying and operating Data Security Posture Management (DSPM) platforms
• Strong working knowledge of cloud security in public cloud environments (AWS preferred) including IAM roles and policies object storage security VPC architecture and infrastructure-as-code templates
• Experience with enterprise DLP platforms and insider threat tools including policy development tuning and incident workflows
• Familiarity with data classification methodologies and tools across structured and unstructured data environments
• Experience with SaaS Security Posture Management (SSPM) platforms
• Working knowledge of AI/ML security concepts including GenAI data leakage vectors prompt injection risks and shadow AI discovery
• Experience integrating security tools via APIs and working with SOAR and automation platforms
• Proficiency with cloud data warehouses SQL databases and cloud object storage from a security and access governance perspective
• Familiarity with enterprise identity providers and identity governance platforms as they relate to data access controls

Qualifications

• Bachelors degree in computer science information security or a related technical field (or equivalent professional experience)
• 7 years of experience in information security with at least 3 years focused on data security data protection or cloud security engineering
• Demonstrated ability to own and drive complex multi-stakeholder technical projects from planning through operationalization
• Strong understanding of data privacy and protection regulations relevant to financial services (GLBA SOX SEC guidelines GDPR)
• Excellent written and verbal communication skills with the ability to translate technical findings into business risk language for senior leadership
• A self-starter with an ownership mindset who thrives in a lean team environment where independent judgment and initiative are expected
• Experience in financial services private equity or asset management is strongly preferred

Preferred Certifications

CISSP CCSP CCSK AWS Security Specialty or relevant GIAC certifications. Certifications in AI security (CAISP) or data privacy (CIPP/US) are a plus.

Join our team and play a foundational role in building the firms data protection and AI security capabilities from the ground upshaping how Bain Capital discovers classifies and protects its most critical data in an era of rapid AI adoption.

Compensation:

Expected Annual Base Salary $125000-$155000

Actual base salary will be determined by a wide range of factors including but not limited to role function level experience qualifications and geographic addition to a competitive base salary this position may be eligible for a discretionary annual bonus based upon factors such as individual impact team and firm performance. Bain Capital offers a competitive benefits package designed to support employees health financial security family needs and overall well-being.

Bain Capital is an equal opportunity employer. We are committed to equal employment opportunity regardless of race color ancestry religion sex national origin sexual orientation age citizenship marital status disability gender identity or Veteran status