Cloud DLP Architect
Apex Systems, Malvern, PA, United States
Job Title: Cloud Data Loss Prevention (DLP) Architect
Function: Enterprise Security / Data Security
Level: Senior / Architect
Reports To: Manager, Data Security & DLP
Role Summary
Apex Systems has an opening available for a Cloud DLP Architect with one of our investment management clients. The Cloud DLP Architect is responsible fordesigning, implementing, and evolving the enterprise Cloud DLP and Data Security Posture Management (DSPM) strategy. This role provides architectural leadership for protecting sensitive data acrossSaaS, IaaS, PaaS, and cloud data platforms, ensuring continuous visibility, riskbased control enforcement, and regulatory compliance. This position emphasizesDSPMdriven data discovery, classification, and risk prioritization, enabling proactive reduction of cloud data exposure and misuse. The architect will partner closely with Cloud Engineering, IAM, SOC, Legal, Privacy, and Compliance teams to embed data protection into modern cloud operating models. If you are interested in learning more, apply TODAY and/or email your resume to Anna Susie at [email protected]
Location:
Hybrid in Philadelphia, PA or Dallas, TX
Duration:
9-12+ month contract-to-hire
Key Responsibilities
Cloud DLP & DSPM Architecture
Architect and own theendtoend Cloud DLP and DSPM capability, covering dataatrest, datainmotion, and datainuse.
Design scalable architectures forcontinuous sensitive data discovery and classificationacross SaaS, cloud storage, and data platforms.
Integrate DSPM findings intoCloud DLP policy strategy, enabling riskbased enforcement and prioritization.
Data Risk Management
Identify and reducecloud data risk, including shadow data, overexposed data, excessive permissions, and toxic data combinations.
Establishdata risk scoring and posture metricsbased on sensitivity, exposure, access, and business impact.
Drive remediation strategies in partnership with application owners and platform teams.
Policy Strategy & Enforcement
Define Cloud DLP policies aligned todata classification, regulatory obligations, and business risk tolerance.
Lead the transition frommonitor to enforcemodels while minimizing business disruption.
Ensure consistent policy alignment acrossCloud, Network, and Endpoint DLPdomains.
Security Operations & Incident Response
Integrate Cloud DLP and DSPM telemetry intoSOC and IR workflows.
Support investigation and response to cloud data exposure and exfiltration events.
Reduce false positives through tuning, automation, and advanced detection techniques.
CrossFunctional Leadership
Serve as thecloud data protection subjectmatter expertfor architecture reviews and strategic initiatives.
Partner with Cloud Engineering, IAM, Legal, Privacy, Compliance, and Risk teams to ensure aligned outcomes.
Provide technical guidance and mentorship to DLP engineers and analysts.
Reporting & Executive Engagement
Deliverclear, riskbased reportingto senior leadership and regulators.
Translate technical findings intobusinessrelevant insights and decisions.
Support audits (SOC2, GDPR, GLBA, etc.) with defensible evidence and documentation.
Required Qualifications
Experience
7+ years in information security, withstrong focus on cloud and data security
3+ years architecting or leadingCloud DLP and/or DSPM solutions
Proven experience protecting data acrossSaaS, IaaS, and PaaS environments
Technical Expertise
Cloud DLP platforms (e.g., Microsoft Purview, Palo Alto Enterprise DLP, Zscaler DLP)
DSPM technologies and methodologies (data discovery, classification, exposure analysis)
Cloud platforms: Microsoft Azure, AWS, and/or GCP
SaaS data protection (Microsoft 365, cloud storage, enterprise SaaS)
Integration with IAM, CASB, SSPM, SIEM, and SOAR
Security & Risk Knowledge
Data classification frameworks and information protection standards
Regulatory requirements impacting data protection (e.g., GDPR, GLBA, SOC2)
Zero Trust and SASE architectures as they relate to data security
EO Employer
ApexSystemsisanequalopportunityemployer.Wedonotdiscriminateorallowdiscriminationonthebasisofrace,color,religion,creed,sex(includingpregnancy,childbirth,breastfeeding,orrelatedmedicalconditions),age,sexualorientation,genderidentity,nationalorigin,ancestry,citizenship,geneticinformation,registereddomesticpartnerstatus,maritalstatus,disability,statusasacrimevictim,protectedveteranstatus,politicalaffiliation,unionmembership,oranyothercharacteristicprotectedbylaw.Apexwillconsiderqualifiedapplicantswithcriminalhistoriesinamannerconsistentwiththerequirementsofapplicablelaw.Ifyouhavevisitedourwebsiteinsearchofinformationonemploymentopportunitiesortoapplyforaposition,andyourequireanaccommodationinusingourwebsiteforasearchorapplication,pleasecontactourEmployeeServicesDepartmentat [email protected] or844-463-6178.
Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico. Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details.
Everforth Apex Benefits Overview:
Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Everforth Apex team member can provide.
Function: Enterprise Security / Data Security
Level: Senior / Architect
Reports To: Manager, Data Security & DLP
Role Summary
Apex Systems has an opening available for a Cloud DLP Architect with one of our investment management clients. The Cloud DLP Architect is responsible fordesigning, implementing, and evolving the enterprise Cloud DLP and Data Security Posture Management (DSPM) strategy. This role provides architectural leadership for protecting sensitive data acrossSaaS, IaaS, PaaS, and cloud data platforms, ensuring continuous visibility, riskbased control enforcement, and regulatory compliance. This position emphasizesDSPMdriven data discovery, classification, and risk prioritization, enabling proactive reduction of cloud data exposure and misuse. The architect will partner closely with Cloud Engineering, IAM, SOC, Legal, Privacy, and Compliance teams to embed data protection into modern cloud operating models. If you are interested in learning more, apply TODAY and/or email your resume to Anna Susie at [email protected]
Location:
Hybrid in Philadelphia, PA or Dallas, TX
Duration:
9-12+ month contract-to-hire
Key Responsibilities
Cloud DLP & DSPM Architecture
Architect and own theendtoend Cloud DLP and DSPM capability, covering dataatrest, datainmotion, and datainuse.
Design scalable architectures forcontinuous sensitive data discovery and classificationacross SaaS, cloud storage, and data platforms.
Integrate DSPM findings intoCloud DLP policy strategy, enabling riskbased enforcement and prioritization.
Data Risk Management
Identify and reducecloud data risk, including shadow data, overexposed data, excessive permissions, and toxic data combinations.
Establishdata risk scoring and posture metricsbased on sensitivity, exposure, access, and business impact.
Drive remediation strategies in partnership with application owners and platform teams.
Policy Strategy & Enforcement
Define Cloud DLP policies aligned todata classification, regulatory obligations, and business risk tolerance.
Lead the transition frommonitor to enforcemodels while minimizing business disruption.
Ensure consistent policy alignment acrossCloud, Network, and Endpoint DLPdomains.
Security Operations & Incident Response
Integrate Cloud DLP and DSPM telemetry intoSOC and IR workflows.
Support investigation and response to cloud data exposure and exfiltration events.
Reduce false positives through tuning, automation, and advanced detection techniques.
CrossFunctional Leadership
Serve as thecloud data protection subjectmatter expertfor architecture reviews and strategic initiatives.
Partner with Cloud Engineering, IAM, Legal, Privacy, Compliance, and Risk teams to ensure aligned outcomes.
Provide technical guidance and mentorship to DLP engineers and analysts.
Reporting & Executive Engagement
Deliverclear, riskbased reportingto senior leadership and regulators.
Translate technical findings intobusinessrelevant insights and decisions.
Support audits (SOC2, GDPR, GLBA, etc.) with defensible evidence and documentation.
Required Qualifications
Experience
7+ years in information security, withstrong focus on cloud and data security
3+ years architecting or leadingCloud DLP and/or DSPM solutions
Proven experience protecting data acrossSaaS, IaaS, and PaaS environments
Technical Expertise
Cloud DLP platforms (e.g., Microsoft Purview, Palo Alto Enterprise DLP, Zscaler DLP)
DSPM technologies and methodologies (data discovery, classification, exposure analysis)
Cloud platforms: Microsoft Azure, AWS, and/or GCP
SaaS data protection (Microsoft 365, cloud storage, enterprise SaaS)
Integration with IAM, CASB, SSPM, SIEM, and SOAR
Security & Risk Knowledge
Data classification frameworks and information protection standards
Regulatory requirements impacting data protection (e.g., GDPR, GLBA, SOC2)
Zero Trust and SASE architectures as they relate to data security
EO Employer
ApexSystemsisanequalopportunityemployer.Wedonotdiscriminateorallowdiscriminationonthebasisofrace,color,religion,creed,sex(includingpregnancy,childbirth,breastfeeding,orrelatedmedicalconditions),age,sexualorientation,genderidentity,nationalorigin,ancestry,citizenship,geneticinformation,registereddomesticpartnerstatus,maritalstatus,disability,statusasacrimevictim,protectedveteranstatus,politicalaffiliation,unionmembership,oranyothercharacteristicprotectedbylaw.Apexwillconsiderqualifiedapplicantswithcriminalhistoriesinamannerconsistentwiththerequirementsofapplicablelaw.Ifyouhavevisitedourwebsiteinsearchofinformationonemploymentopportunitiesortoapplyforaposition,andyourequireanaccommodationinusingourwebsiteforasearchorapplication,pleasecontactourEmployeeServicesDepartmentat [email protected] or844-463-6178.
Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico. Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details.
Everforth Apex Benefits Overview:
Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Everforth Apex team member can provide.