Data Protection Security Engineer – Netskope Lead

Expected compensation: 107.15 USD Per HourHireArt is helping an on-demand, autonomous ride-hailing company find a Data Protection Security Engineer – Netskope Lead to lead the enterprise implementation, administration, and optimization of Netskope security platforms, including Next-Generation Secure Web Gateway (NG SWG), Network Private Access (NPA), and Data Loss Prevention (DLP).In this role, you’ll own the end-to-end deployment, configuration, and operational health of the Netskope environment while driving enterprise-wide DLP initiatives and zero-trust access strategies. You’ll partner closely with cross-functional teams to develop scalable security policies, strengthen cloud and web security controls, and protect sensitive organizational data.The ideal candidate brings deep hands-on Netskope expertise, strong cloud and network security knowledge, and experience building and managing DLP programs within complex enterprise environments.As a Data Protection Security Engineer – Netskope Lead, You'llLead the deployment, configuration, and ongoing administration of Netskope NG SWG and NPA platforms across the enterprise environment. Design and maintain security controls, including SSL/TLS inspection, URL filtering, cloud application controls, threat protection profiles, and traffic steering policies. Develop and implement zero-trust access strategies by configuring application segmentation, least-privilege access policies, and private application onboarding within Netskope NPA. Integrate Netskope with identity and access management platforms such as Okta, Azure AD, SAML, and SCIM for user-based policy enforcement. Manage Netskope client deployment and coordinate endpoint integrations with IT and endpoint engineering teams. Establish and maintain logging, monitoring, alerting, and reporting integrations with SIEM and security operations platforms. Develop and maintain enterprise DLP policies protecting sensitive data types, including PII, PHI, PCI, intellectual property, and other confidential information. Conduct DLP policy testing, tuning, and validation activities to improve detection accuracy and minimize false positives. Investigate and respond to DLP alerts, security events, and policy violations while supporting incident escalation processes. Partner cross-functionally with Legal, Compliance, Data Governance, Security, and Infrastructure teams to align policies with organizational security and regulatory requirements. Create and maintain architecture documentation, operational runbooks, and security procedures while providing guidance to junior engineers and operational teams. Serve as the subject matter expert for Netskope platforms, cloud security controls, and enterprise DLP strategy. Requirements8+ years of experience in network security, cloud security, or information security engineering2+ years of hands-on experience deploying and administering Netskope NG SWG and/or NPA within enterprise environmentsStrong experience designing, implementing, and tuning DLP policies and programsStrong understanding of zero-trust network access (ZTNA), SASE, and cloud security architecturesExperience with SSL/TLS inspection, proxy technologies, CASB functionality, and web security controlsWorking knowledge of identity and access management technologies, including Okta, Azure AD, SAML, and SCIMFamiliarity with regulatory and compliance frameworks such as HIPAA, PCI-DSS, GDPR, and CCPAStrong troubleshooting, analytical, and incident response skillsExcellent documentation, communication, and cross-functional collaboration skillsPreferred QualificationsNetskope One Professional or equivalent Netskope certificationsExperience integrating Netskope with SIEM or SOAR platforms such as Splunk or Microsoft SentinelBackground in endpoint security, SASE, or broader SSE architecture implementationsExperience with scripting or automation using Python or PowerShellFamiliarity with additional DLP platforms or enterprise security technologiesBenefitsPre-tax commuter benefits Employer (HireArt) subsidized healthcare benefits (eligibility begins on the first of the month following 60 days of service)Flexible Spending Account for healthcare-related costsHireArt covers all costs for short- and long-term disability and life insurance401k packageCommitment: This is a full-time, ongoing contract position staffed via HireArt. The role requires at least three days per week onsite and is available to candidates local to the Foster City, CA area.HireArt values diversity and is an Equal Opportunity Employer. We are interested in every qualified candidate who is eligible to work in the United States. Unfortunately, we are not able to sponsor visas or employ corp-to-corp.