Senior Data Security Engineer (DRM Specialist)

Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets. We leverage more than 17 years of support to stakeholders across the federal government, with established and growing capabilities across Intelligence, Analytics, Engineering, Mission Support, and Communications disciplines. Founded in 2008, our mission is to transform the way our customers approach constantly changing and complex problem sets by bringing to bear the latest in technology and the highest caliber of talent.

Headquartered in Washington, DC's historic Dupont Circle neighborhood, Barbaricum also has a corporate presence in Tampa, FL, Bedford, IN, and Dayton, OH, with team members across the United States and around the world. As a leader in our space, we partner with firms in the private sector, academic institutions, and industry associations with a goal of continually building our expertise and capabilities for the benefit of our employees and the customers we support. Through all of this, we have built a vibrant corporate culture diverse in expertise and perspectives with a focus on collaboration and innovation. Our teams are at the frontier of the Nation's most complex and rewarding challenges. Join our team.

Barbaricum is seeking a Senior Data Security Engineer (DRM Specialist) to support a Zero Trust cybersecurity initiative for U.S. Special Operations Command (USSOCOM). This role will serve as the technical subject matter expert for Digital Rights Management (DRM), encryption policy enforcement, and data-centric security architecture across classified and unclassified environments.

 

The selected candidate will design and implement attribute-based encryption and rights management policies to ensure sensitive data remains protected regardless of location or transport. This position plays a critical role in integrating identity attributes, data classification, and encryption technologies to enable dynamic, policy-driven access control across the enterprise.

 

Responsibilities:

• Architect and configure enterprise DRM platforms including Kiteworks Private Content Network and Microsoft Purview Information Protection.
• Design and implement Attribute-Based Access Control (ABAC) policies to enforce dynamic access decisions based on user clearance, role, and device trust posture.
• Manage the lifecycle of encryption keys and cryptographic infrastructure, including Bring Your Own Key (BYOK) and customer-managed key models.
• Implement advanced secure collaboration capabilities allowing controlled viewing and editing of sensitive documents.
• Configure rights management policies restricting unauthorized actions such as copy, printing, screen capture, or external sharing.
• Integrate DRM platforms with identity systems and data classification tools to ensure consistent policy enforcement.
• Support operations across hybrid and air-gapped classified networks.

 

Required Qualifications:

• Active DoD Top Secret clearance with SCI eligibility.
• Master’s degree in Cybersecurity, Computer Science, Mathematics, or related technical field.
• 10+ years of relevant cybersecurity or data protection experience.
• Extensive experience implementing enterprise Digital Rights Management (EDRM) or Information Rights Management (IRM) solutions.
• Strong knowledge of cryptographic protocols and standards (AES-256, RSA, PKI).
• Experience designing and implementing Attribute-Based Access Control (ABAC) policies.
• Experience supporting cross-domain or classified network environments.

 

Preferred Qualifications:

• Experience with Hardware Security Modules (HSM) such as Thales or Entrust.
• Knowledge of NIST SP 800-53 security controls.
• Experience integrating DRM platforms with identity governance solutions such as SailPoint.
• Kiteworks administrator certification.

 

Required Certifications:

• CompTIA Security+ CE (DoD 8570 IAT Level II)

Preferred Certifications:

• Microsoft Information Protection Administrator (SC-400)
• Certified Information Systems Security Professional (CISSP)

EEO Commitment

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.