Client: Leading Energy & Utilities Organization
Location: Allentown, PA (Hybrid – 1–2 days per week onsite)
Our client is seeking a Principal Data Security Solutions Architect to join a high-impact Cybersecurity organization. This role serves as both a strategic leader and technical authority, responsible for designing and implementing enterprise-wide data protection frameworks. The position blends traditional Microsoft Information Protection capabilities with modern, AI-driven security practices, including securing LLM pipelines, vector databases, and legacy data environments. This individual will partner cross-functionally with Security Engineering, Data Governance, Cloud Operations, and AI/ML teams to ensure data is protected across its full lifecycle.
Key Highlights:
• Define and lead enterprise data protection strategy across structured, semi-structured, and unstructured data environments
• Architect and implement solutions leveraging Azure Purview, Microsoft Defender, and DLP tools
• Drive secure AI data pipeline initiatives (RAG architectures, vector databases, encryption strategies)
• Establish data lifecycle strategies including archival, deduplication, and migration of legacy data
• Implement and manage DLP policies across enterprise platforms (Microsoft 365, SharePoint, endpoints, cloud storage)
• Develop security frameworks, threat models, and response playbooks for data-related risks
• Evaluate and integrate third-party data security and DSPM tools
• Partner with engineering and business leaders to balance security, usability, and operational efficiency
Qualifications:
• Bachelor’s Degree in Computer Science, Information Security, or related field (or equivalent experience)
• 10+ years of experience in information security, data architecture, or related domains
• Strong experience with Snowflake, Azure Purview, Microsoft Defender, and data loss prevention technologies
• Background in data engineering with exposure to governance and oversight functions
• Experience securing AI/ML or LLM-based systems preferred
• Knowledge of regulatory frameworks (e.g., SOX, GDPR, CCPA, NERC)
• Familiarity with cryptographic standards (AES, TLS, SHA) and emerging security practices
• Experience in highly regulated industries (utilities preferred)
• Certifications such as CISSP, GIAC, or Azure Security are a plus
• Strong communication skills with the ability to influence both technical and executive stakeholders
This is a full-time (40 hours/week) contract opportunity with competitive hourly rates and potential for overtime.
This is not a driving role.