DSPM Engineer - Manager

Kroll is seeking a Senior DSPM Engineer to support the design, implementation, and operationalization of enterprise Data Security Posture Management (DSPM) capabilities across complex cloud, SaaS, hybrid, and on-premise environments. This is a highly technical, client-facing role focused on helping organizations improve visibility, governance, classification, protection, and monitoring of sensitive data across modern enterprise ecosystems.
The ideal candidate will have approximately 4–7 years of experience in DSPM, data security, cloud security, data governance, DLP, or cybersecurity engineering, preferably within a Big 4 or comparable consulting environment. This role is best suited for a hands-on engineer with strong technical implementation capabilities, data protection expertise, and experience integrating DSPM platforms into broader cybersecurity, governance, privacy, and cloud ecosystems.
You will work closely with Data Governance, Privacy, Cloud Security, SOC, IAM, Infrastructure, and Risk teams to design and implement scalable data protection architectures and operational DSPM programs.

Day-to-day responsibilities:

• Lead or support implementation and operationalization of DSPM platforms across enterprise cloud, SaaS, and hybrid environments.

• Configure and optimize DSPM capabilities including sensitive data discovery, classification, metadata analysis, risk scoring, data access visibility, lineage, and remediation workflows.

• Support deployment and tuning of DSPM connectors across AWS, Azure, GCP, Microsoft 365, Salesforce, Snowflake, Databricks, databases, file shares, and SaaS platforms.

• Engineer integrations between DSPM platforms and SIEM, SOAR, DLP, CMDB, IAM, GRC, privacy platforms, and ticketing systems.

• Develop automation and orchestration workflows to improve governance and remediation operations.

• Support enterprise data protection initiatives involving DSPM, DLP, data classification, retention, access governance, encryption, and privacy operations.

• Assist with implementation of data-centric security controls aligned to Zero Trust principles.

• Conduct technical assessments of sensitive data exposure risks across structured and unstructured environments.

• Support remediation planning and implementation activities for identified data security risks.

• Help clients improve visibility into sensitive data usage, storage, movement, and access patterns.

• Support design and implementation of scalable DSPM architectures across multi-cloud and hybrid environments.

• Collaborate with Cloud Security and Infrastructure teams to integrate DSPM capabilities into enterprise cloud security strategies.

• Support governance and protection integration with Microsoft Purview, OneTrust, BigID, Securiti, Cyera, Symmetry Systems, Varonis, Zscaler, and ServiceNow.

• Assist with API integration, metadata ingestion, workflow automation, and governance reporting capabilities.

• Contribute to development of reference architectures, engineering standards, and reusable deployment patterns.

• Participate in client workshops, architecture reviews, technical discovery sessions, and implementation planning activities.

• Translate business, regulatory, and cybersecurity requirements into scalable DSPM and data protection solutions.

• Support governance maturity assessments, data risk assessments, and architecture gap analyses.

• Produce high-quality technical documentation, architecture diagrams, implementation guides, and operational procedures.

• Support technical delivery workstreams across cybersecurity, governance, privacy, and cloud transformation engagements.

• Stay current on emerging DSPM, data governance, AI governance, privacy, and cloud security technologies.

• Support development of reusable accelerators, implementation methodologies, and technical standards.

• Contribute to internal capability development, technical knowledge sharing, and operational optimization initiatives.

• Mentor junior engineers and support collaborative engineering culture where applicable.

Essential Traits:

• Strong hands-on engineering and troubleshooting mindset.

• Ability to balance technical depth with client communication.

• Excellent collaboration and stakeholder engagement skills.

• Strong documentation and implementation discipline.

• Curiosity and passion for emerging data protection and governance technologies.

• Ability to operate effectively across fast-paced consulting environments.

Prerequisite:

• 4–7 years of experience in DSPM, Data Security, Cloud Security, DLP, Data Governance, Cybersecurity Engineering, Privacy Engineering, or Technology Consulting.

• Prior consulting experience is strongly preferred, ideally within Big 4 consulting, cybersecurity consulting firms, or enterprise technology consulting environments.

• Hands-on experience implementing or supporting enterprise data security and governance technologies.

• Experience supporting cloud-based and hybrid enterprise environments.

1. Strong analytical, troubleshooting, and technical problem-solving capabilities

• Hands-on or advisory experience with DSPM and governance platforms such as BigID, Cyera, Symmetry Systems, Securiti, Microsoft Purview, Varonis, and OneTrust.

• Experience with DLP and data protection technologies including Microsoft Purview DLP, Zscaler, Netskope, and Forcepoint.

• Understanding of sensitive data discovery, metadata management, lineage, access governance, cloud-native security controls, Zero Trust architectures, IAM integrations, and API-based integrations.

• Familiarity with SIEM/SOAR integrations, ServiceNow workflows, CMDB integrations, cloud security architecture, and DevSecOps concepts.

• Experience with AWS, Azure, or GCP strongly preferred.

• Certifications preferred - CISSP, CCSP, CISM, Microsoft Security or Purview certifications, AWS or Azure Security certifications, CDMP, Privacy certifications such as CIPP/US or CIPM and Relevant DSPM vendor certifications where applicable

#LI-SP1