Staff Cybersecurity Architect - Data Security & Loss Prevention

The role is for a senior technical leader responsible for designing, implementing, and validating enterprise data security and data loss prevention controls across multi-cloud, SaaS, and on-premises environments. The position requires collaboration with stakeholders to enhance data protection maturity and ensure compliance with regulatory standards.

Location: United States

Salary: $150,770.00 - $224,640.00 Annual

Responsibilities

• Develop, maintain, and evolve enterprise data security and data loss prevention architectures aligned to business objectives, regulatory requirements, and data classification standards.
• Champion the integration of datacentric security controls across endpoint, identity, collaboration, storage, and data platforms, ensuring secure by default and least privilege principles.
• Design and operationalize Microsoft Purview Information Protection and DLP capabilities, including sensitivity labeling, classification, policy enforcement, and user experience considerations.
• Architect and implement Microsoft Defender capabilities (Endpoint, Identity, Office 365, Cloud Apps) to protect data throughout its lifecycle.
• Serve as a senior technical authority for data security and DLP across Windows, macOS, Windows Server, and Linux environments, ensuring consistent enforcement across heterogeneous platforms.
• Integrate Microsoft Security capabilities with complementary platforms such as Varonis Data Security to provide comprehensive data protection.
• Author and maintain data security and DLP standards, reference architectures, and technical guardrails aligned to NIST and internal security frameworks.
• Convert business risks and regulatory obligations into technical requirements and traceable, measurable mitigation strategies.
• Evaluate new platforms, tools, and vendors for strategic fit, security posture, and architectural impact.
• Provide technical leadership, mentorship, and escalation support for complex data security and DLP challenges.
• Communicate control posture, risks, and recommendations clearly to engineering, audit, and leadership stakeholders.
• Continuously assess and improve data security posture through metrics, dashboards, and control validation.
• Collaborate with PKI teams to manage certificate lifecycle operations, including issuance, renewal, revocation, and inventory.

Requirements

• 8+ years of progressive experience in information technology security/infrastructure engineering/architecture.
• 6+ years of data security and data loss prevention control implementation/architecture experience focused on technical control design, implementation, and validation in enterprise environments.
• Demonstrated success designing and deploying enterprise data security and data loss prevention technology controls, platforms, and programs.
• Deep understanding of industry best practices, ISO 27001/27701, SOC 2 and NIST aligned compliance and security frameworks, particularly as they relate to data protection and DLP.
• Strong technical background in data classification, Varonis Data Security, Microsoft Purview, and Microsoft Defender security suite across hybrid on-premise and multi-cloud infrastructure.
• Proven experience supporting audit, regulatory, or certification efforts through technical control implementation and validation.
• Ability to map and document complex systems and data flows; advanced analytical and problem-solving skills, including competency with tooling such as Lucid chart, Visio, Excel.
• Advanced analytical and problem solving skills with strong attention to detail.
• Advanced oral and written communication skills, with a strong ability to work collaboratively to convey technical concepts to engineering, audit, and leadership audiences fostering an outcome focused environment.
• Demonstrated capability to analyze, operationalize, and continuously improve security controls and business processes.
• Hands on experience automating security controls, validation testing, and evidence collection using scripting, APIs, or SOAR platforms.

Benefits

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
• Join the bright and creative minds of RGA, and experience vast, endless career potential.

Additional Information

• The role involves using AI in early screening processes, with a focus on a personalized, thoughtful candidate experience. Compensation ranges from $150,770 to $224,640 annually, with additional benefits including bonuses, long-term incentives, health, and retirement plans. RGA is an equal opportunity employer.