Principal Security Engineer – Data Protection, Forensic Automation

This is a fully remote position, open to applicants in Mexico.

📋 Description

• Ecosystem Auditing: Oversee and conduct regular audits of WithSecure (EDR), Microsoft Purview (DLP), and Mimecast to confirm the absence of "Catch-all" rules or unauthorized exceptions.

• Identity & Access Governance: Review Okta and Entra ID logs to detect unusual sign-ins, particularly from "Unknown" or "Unmanaged" devices trying to access sensitive SaaS platforms like Salesforce.

• AI-Powered Forensic Pipeline: Develop and implement automation scripts (Python/API) to summarize quarantined emails and attachments utilizing LLMs (Claude/OpenAI), transforming raw security logs into actionable forensic artifacts.

• Data Flow Analysis: Track and audit data transfers between endpoints and cloud storage, ensuring seamless integration between security tools and a centralized repository for ongoing forensic investigations.

• Incident Accountability: Supply forensic evidence for HR and legal actions related to internal data misuse or violations of policy.

⛳️ Requirements

• Over 5 years of experience in Cybersecurity, Digital Forensics, or Security Auditing.

• In-depth knowledge of Microsoft Purview, Okta, and Mimecast.

• Skilled in scripting (Python/APIs) to incorporate AI models into security processes.

• Bilingual: Fluent in Spanish and professional proficiency in English.

• Availability: Standard business hours from Monday to Friday.

🏝️ Benefits

• Contract Type: Independent Contractor (Paid from USA).

• Location: Remote (Mexico).