Mission freelance [LFR] Ingénieur DLP à Nice (80% remote) - 1549

he Cyber Security team has a mission for a DLP engineer.

The mission requires strong hands‑on experience with Microsoft Purview DLP, DSPM, IRM module and MDCA and a solid background in Data Loss Prevention across M365, endpoints, and cloud services.

Knowledge of Netskope or any other leading CASB/SWG/DLP solution (Zscaler, Symantec, Palo Alto, etc.) is a strong plus.

The engineer will operate, optimize, and expand Amadeus data protection and detection capabilities, working closely with the SOC to strengthen threat detection, incident response, and data security controls.

Rôles et responsabilités sur le projet

Objectifs

-

Design, develop and deploy DLP controls

Qualifications:

- Bachelor’s degree in Computer Science, Information Security, or a related field. Relevant certifications (such as CISSP, SANS, etc.) are a plus.

- 5+ years of experience working in a Security Operations Center (SOC) or Security Engineering department.

- Hands-on experience with Microsoft Purview DLP (M365, Endpoint DLP, Cloud Apps).

- Knowledge of CASB/SWG/DLP tools (Netskope, Zscaler, Symantec/Broadcom, Palo Alto, etc.) is a strong advantage.

- Experience with and DSPM platforms (Wiz, Netskope DSPM, Varonis, etc.) is an asset.

- Familiarity with EDR tools like CrowdStrike or Defender for Endpoint is also beneficial.

- Strong understanding of DLP concepts, data classification, and data protection strategies.

- Experience with SIEM platforms (Sentinel, Splunk) and log analysis.

- Basic scripting skills (PowerShell, Python, KQL).

- Good understanding of network protocols, encryption, and exfiltration techniques.

- Ability to work collaboratively in a team environment and manage multiple projects.

- Strong communication and problem‑solving skills.

- Passion for learning and a proactive approach to threat identification and mitigation.

Objectifs et livrables

-

Deploy, configure, and maintain Microsoft Purview/MDCA DLP policies across M365, endpoints, and cloud applications.

Create, tune, and maintain DLP rules, data profiles, and incident workflows across email, SharePoint/OneDrive, Teams, endpoints, cloud, and web channels.

Reduce false positives and improve detection accuracy through continuous tuning.

Support data classification, sensitivity labels, and governance initiatives (Purview or DSPM tools).

Develop detection rules, threat-hunting use cases, and response playbooks using Purview and other security tool logs.

Assist SOC analysts during investigations, especially in data exfiltration scenarios.

Integrate Purview, Sentinel and DLP logs with the SIEM and other SOC technologies.

Document test plans, tuning guides, and DLP operational procedures.

Work with internal IT, Cloud, and SOC teams to ensure proper data protection coverage.

Contribute to evaluating and onboarding new security technologies.