Information Security Senior Engineer

Who are we?

A place where tech thinkers and future builders turn bold ideas into breakthrough experiences, we welcome your unique perspective.

Help us challenge assumptions, uncover bias, and remove barriers—because progress starts with fresh ideas. You’ll find belonging, purpose, and a team that welcomes you—because when you feel valued, you’re empowered to do your best work.

Job Summary

The Digital Information Security Engineering team is seeking a Senior Data Protection Engineer to design, implement, and scale enterprise data protection capabilities with a strong focus on CASB, DSPM, eDLP, Secure File Sharing, and Data Movement Controls.

This role is responsible for safeguarding sensitive data across SaaS, web, endpoint, and cloud environments by leveraging real-time inline inspection, deep content classification, and advanced document matching techniques. The ideal candidate is a hands-on engineer with deep expertise in data protection controls, capable of operationalizing data-centric security within a Zero Trust architecture.

Responsibilities

DSPM (Data Security Posture Management)

• Implement and optimize DSPM to continuously discover and classify sensitive data across:

  • SaaS applications

  • Cloud storage and object stores

  • Unstructured data repositories

• Analyze data security posture, identifying:

  • Overshared or publicly exposed data

  • Sensitive data sprawl

  • Misconfigured access controls

• Drive risk-based remediation workflows in partnership with data owners and application teams

• Establish continuous monitoring of data exposure and compliance posture

Advanced Data Detection & Protection

• Design and deploy eDLP policies to inspect and control data in motion across web and cloud channels

• Implement advanced detection techniques, including:

  • Exact Data Match (EDM) for structured sensitive data (e.g., PII, PCI, financial datasets)

  • Indexed Document Matching (IDM) for unstructured documents and intellectual property protection

  • Regex, keyword, and contextual data classification rules

• Build, tune, and maintain EDM data sets and IDM fingerprinting repositories to protect critical business data

• Configure real-time enforcement actions:

  • Block, quarantine, alert, or coach users

• Continuously optimize detection accuracy by reducing false positives/false negatives

Secure File Sharing & Data Movement Controls

• Enforce secure data transfer policies across:

  • Web uploads and downloads

  • SaaS file sharing and collaboration tools

  • Third-party and external data exchanges

• Implement safeguards against:

  • Unauthorized data exfiltration

  • Risky upload behavior

  • Unapproved sharing channels

• Support business collaboration requirements while ensuring strong data protection controls

CASB & SaaS Security

• Design and implement CASB controls (inline and API-based) to secure SaaS platforms such as M365, Google Workspace, and Salesforce

• Enforce granular access and session controls, including:

  • Inline transaction control (upload/download restrictions)

  • Session-based enforcement (block, coach, isolate, redact)

  • Adaptive policies based on user, device, and risk context

• Identify and mitigate risks related to:

  • Shadow IT

  • OAuth app abuse

  • SaaS misconfigurations and oversharing

• Align CASB policies with Zero Trust principles and least-privilege access models.

Automation & Integration Engineering

• Develop automation using Python and APIs to:

  • Manage policies programmatically

  • Automate lifecycle management of EDM/IDM datasets

  • Trigger remediation workflows based on DSPM findings

• Integrate with SIEM/SOAR platforms for centralized monitoring and response

• Build tooling to enhance visibility, reporting, and operational efficiency

Security Monitoring & Risk Reduction

• Review and tune DLP and CASB alerts, focusing on data exfiltration and misuse.

• Define and track key data protection metrics, including:

  • Sensitive data exposure trends

  • Policy enforcement effectiveness

  • Data exfiltration attempts

• Conduct data risk assessments and continuous control validation

• Tune and refine policies to maintain high efficacy and low business disruption

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field

• 7–10+ years of experience in data protection or security engineering

Required Expertise

• Hands-on experience with:

  • CASB (inline and API modes)

  • DSPM

  • eDLP

  • Exact Data Match (EDM)

  • Indexed Document Matching (IDM)

• Strong understanding of:

  • Data classification and content inspection

  • Data exfiltration vectors and prevention techniques

  • SaaS and cloud data security risks

• Experience implementing Zero Trust data protection strategies

Technical Skills

• Strong scripting/programming skills (Python preferred)

• Experience with:

  • REST APIs and security integrations

  • SIEM/SOAR platforms

  • Cloud environments (AWS, Azure, GCP)

• Understanding of identity, access control, and conditional access models

Successful Candidate Will

• Be deeply hands-on with data protection technologies

• Take a data-first approach to security, focusing on measurable risk reduction

• Demonstrate strong analytical and tuning expertise, especially with EDM/IDM

• Be proactive, curious, and continuously improving data protection coverage and accuracy

• Thrive in a fast-paced, diverse, and constantly evolving environment

The targeted pay range for this position in the following location is / locations are:

United States - Dallas Infomart Office DAI : 136,000 - 204,000 USD / Annual

Our pay ranges reflect the minimum and maximum target for new hire pay for the full-time position determined by role, level, and location.The pay range shown is based on our compensation structure in place at the time of posting and may be updated periodically based on business needs. Individual pay is based on additional factors including job-related skills, experience, and relevant education and/or training.

The targeted pay range listed reflects the base pay only and does not include bonus, equity, or benefits. Employees are eligible for bonus, and equity may be offered depending on the position.

Equinix Benefits

As an employee, you become important to Equinix’s success. We ensure all your benefits are in line with our core values: competitive, inclusive, sustainable, connected and efficient. We keep them competitive within the current marketplace to ensure we’re providing you with the best package possible. So, wherever you are in your career and life, you’ll be able to enhance your experience and bring your whole self to work.

Employee Assistance Program: An Employee Assistance program is available to all employees.

US Benefits: - Insurance: You may enroll in health, life, disability and voluntary plans that are designed for you and your eligible family members. - Retirement: You and Equinix may contribute to a retirement plan to help you plan for your financial future. - Paid Time Off (PTO) and Paid Holidays: You will receive an accrued amount of PTO each pay period along with various paid holidays for you to rest and recharge. Eligibility requirements apply to some benefits. Benefits are subject to change and may be subject to specific plan or program terms.

Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability.  If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.

Equinix is an Equal Employment Opportunity and, in the U.S., an Affirmative Action employer.  All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law. 

We use artificial intelligence in our hiring process. Learn more here.

This posting is for a backfill position, meaning it is to fill an existing vacancy within our organization.