Security Operations Engineer

At Cetera, our Information Security organization is responsible for protecting sensitive client, advisor, and enterprise data across a complex hybrid environment that includes on premises infrastructure, SaaS platforms, and public cloud services. 

We are seeking a Senior Security Engineer with strong experience in data discovery, classification, and protection to lead the implementation and operation of modern data security posture management (DSPM) and data loss prevention (DLP) platforms. This role is highly technical and hands-on, with direct ownership of tools that provide enterprise-wide visibility into data risk and exposure.

•    Lead the design, implementation, and day to day operation of DSPM and DLP solutions.
o    Discover and classify sensitive, regulated, and business critical data
o    Continuously assess data exposure, access paths, and misconfigurations
o    Identify and prioritize data security risks across cloud, SaaS, and enterprise systems
o    Policy design aligned to data classification and regulatory obligations
o    Integration with endpoint, email, cloud, and SaaS enforcement points
o    Alert tuning, investigation workflows, and response support

•    Partner closely with cloud security, IAM, application security, and infrastructure teams to:
o    Reduce unnecessary data exposure
o    Eliminate overly permissive access and legacy data paths
o    Implement secure data handling patterns by design

•    Support audit, compliance, and risk management efforts, including:
o    FINRA, SEC, and internal control requirements
o    Evidence collection and reporting related to data protection
o    Validation of data ownership, access controls, and classification accuracy

•    Develop and maintain:
o    Data security standards, implementation patterns, and architecture diagrams
o    Operational runbooks, escalation paths, and support documentation
o    Reference designs that support consistent data security controls across environments

•    Act as a data security subject matter expert, advising leadership on:
o    Data exposure trends and systemic risks
o    Control effectiveness and gaps
o    DSPM and DLP roadmap enhancements

•    5+ years of experience in information security engineering, with a strong focus on data security, data protection, or cloud security
•    Hands on experience implementing or operating one or more modern DSPM, data discovery, or data classification platforms.
•    Experience implementing or supporting enterprise DLP solutions, including:
o    Endpoint, email, SaaS, and/or cloud data controls
o    Policy tuning to reduce false positives while maintaining strong coverage
•    Solid understanding of:
o    Structured and unstructured data types
o    Data classification schemes and sensitivity levels
o    Data lifecycle risks (creation, access, sharing, storage, and deletion)
•    Experience securing data across:
o    Public cloud platforms (AWS and/or Azure)
o    SaaS applications
o    Enterprise file systems and data repositories
•    Familiarity with security and regulatory frameworks, including:
o    NIST CSF and NIST 800 53
o    FINRA and SEC requirements
o    Data protection and privacy control expectations
•    Demonstrated ability to translate technical findings into risk-based remediation priorities

#LI- Hybrid