Data Protection Engineer

Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets. We leverage more than 17 years of support to stakeholders across the federal government, with established and growing capabilities across Intelligence, Analytics, Engineering, Mission Support, and Communications disciplines. Founded in 2008, our mission is to transform the way our customers approach constantly changing and complex problem sets by bringing to bear the latest in technology and the highest caliber of talent.

Headquartered in Washington, DC's historic Dupont Circle neighborhood, Barbaricum also has a corporate presence in Tampa, FL, Bedford, IN, and Dayton, OH, with team members across the United States and around the world. As a leader in our space, we partner with firms in the private sector, academic institutions, and industry associations with a goal of continually building our expertise and capabilities for the benefit of our employees and the customers we support. Through all of this, we have built a vibrant corporate culture diverse in expertise and perspectives with a focus on collaboration and innovation. Our teams are at the frontier of the Nation's most complex and rewarding challenges. Join our team.

Barbaricum is seeking a Data Protection Engineer to support the implementation of data-centric security controls for a Zero Trust program at U.S. Special Operations Command (USSOCOM). This role will be responsible for configuring and deploying enterprise data protection technologies across hybrid cloud and classified environments.

The selected candidate will translate security architecture into operational policies that ensure sensitive data is properly classified, encrypted, and protected throughout its lifecycle. This role will support the deployment and tuning of enterprise data protection tools to enable persistent, policy-driven protection of sensitive data across the enterprise.

Responsibilities:

• Implement Microsoft Purview Information Protection, including sensitivity labels and automated classification policies.
  • Configure Data Loss Prevention (DLP) rules within Microsoft 365 environments to protect Controlled Unclassified Information (CUI) and Personally Identifiable Information (PII).
  • Deploy and manage enterprise Digital Rights Management (DRM) solutions such as Virtru or Kiteworks within classified network environments.
  • Tune detection rules and classification models to reduce false positives and improve enforcement accuracy.
  • Transition security policies from monitoring to enforcement while minimizing mission disruption.
  • Collaborate with endpoint security teams to ensure consistent enforcement of classification and protection policies.
  • Support cross-domain operations and configuration updates within air-gapped environments.

Required Qualifications:

• Active DoD Top Secret clearance with SCI eligibility.
  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or related technical field.
  • 3–10 years of relevant experience (Journeyman) or 10+ years of experience (Senior).
  • Hands-on experience configuring Microsoft Purview Information Protection and Data Loss Prevention (DLP).
  • Experience implementing enterprise encryption or Digital Rights Management platforms.
  • Strong understanding of data classification methodologies and sensitive data detection techniques.
  • Ability to troubleshoot complex issues related to encryption key management, policy propagation, and endpoint enforcement.

Preferred Qualifications:

• Experience with Trellix (formerly McAfee) endpoint DLP solutions.
  • Experience with enterprise data discovery platforms such as BigID or NetApp BlueXP.
  • Prior experience supporting USSOCOM or operating within classified networks.
  • Familiarity with DoD data handling policies and CUI requirements.

Certifications:

• Required: CompTIA Security+ CE (DoD 8570 IAT Level II).
  • Preferred: Microsoft Information Protection Administrator (SC-400).
  • Preferred: Virtru Certified Professional or Kiteworks Administrator Certification.

EEO Commitment

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.