Data Security Engineer

Paymentus • Full-time • Richmond Hill, ON, CA • $110k - $135k / year • 2d ago

Summary/Objective

Paymentus is seeking a Data Security Engineer to join our Cyber Security team with a strong focus on Data Loss Prevention (DLP) and Data Security Posture Management (DSPM). This role will be instrumental in implementing and scaling DSPM capabilities, while also helping mature and operationalize the DLP program across the organization. You will work across cloud and SaaS environments to ensure sensitive data is properly discovered, classified, monitored, and protected throughout its lifecycle.

DLP Program Maturity & Operations

Enhance and mature the organization’s DLP program, improving coverage, accuracy, and effectiveness.
Develop and fine-tune DLP policies to monitor and protect data in-use, in-transit, and at-rest.
Configure and optimize DLP tools to reduce false positives and improve detection fidelity.
Build and maintain incident response workflows for DLP alerts and data policy violations.
Partner with SOC and other teams to investigate and respond to data security incidents.
Define metrics, dashboards, and reporting to track DLP program effectiveness and maturity.

DSPM Implementation & Data Visibility

Lead or support the implementation of DSPM solutions across cloud and SaaS environments.
Identify, classify, and map sensitive data across systems (structured and unstructured).
Establish data inventory and data flow visibility to understand how sensitive data moves across the organization.
Continuously assess and reduce data exposure risks (over-permissioned data, shadow data, unused sensitive data).
Integrate DSPM insights into DLP controls and broader security operations.

Engineering & Integration

Design and implement scalable data protection architectures across SaaS, cloud, and endpoint environments.
Integrate DLP and DSPM tools with SIEM/SOAR platforms for automated detection and response.
Develop scripts or automation to improve policy enforcement, alert triage, and reporting.
Troubleshoot and resolve issues related to performance, reliability, and coverage of data security tools.

Governance, Compliance & Best Practices

Support compliance initiatives such as PCI-DSS, SOC 2, GDPR, and other data protection standards.
Assist in defining and maintaining data protection policies, standards, and procedures.
Provide audit support and documentation for internal and external security assessments.
Act as a subject matter expert (SME) for data security and data protection best practices.

Collaboration & Enablement

Work with engineering, product, legal, and business teams to ensure secure handling of sensitive data.
Provide guidance, training, and awareness on data protection best practices.
Promote a security-first and automation-driven mindset across teams.

TECHNICAL QUALIFICATIONS:

4–7+ years of experience in Data Security, DLP, or related cybersecurity roles.
Hands-on experience with DLP technologies (preferably Cyberhaven or similar tools).
Experience implementing or working with DSPM solutions.
Strong understanding of data classification, data lifecycle, and data protection strategies.
Experience in cloud and SaaS environments (e.g., AWS, Azure, GCP, Office365, Google Workspace).
Experience with security tool integration (SIEM, APIs, automation tools).
Scripting or automation experience (e.g., Python, PowerShell, or similar).
Strong analytical and troubleshooting skills with a focus on root cause analysis.

Nice to have:

Familiarity with identity platforms (e.g., Okta) and basic IAM concepts.
Experience with cloud email DLP (Office365, Google Workspace).
Knowledge of DSPM best practices and frameworks.
Understanding of compliance frameworks (PCI-DSS, HIPAA, GDPR, SOC 2).
Relevant certifications (e.g., CISSP, CISM, or similar).

SOFT SKILLS:

Has a good understanding of security concepts and interested in further developing security skills.
Has an automation mindset.
Capable of working in a fast-paced environment, adapting to changing priorities.
Self-starter with an appreciation for technical challenges and complex problems.
Focused and detail-oriented.
Able to work independently and as part of a multidiscipline team.

During the interview process, we're evaluating your individual problem-solving skills, creativity, and approach to challenges. While AI tools are part of your daily toolkit once you join, all interviews, assessments, and take-home assignments must be completed independently. You may not use AI tools, third-party services, coaching platforms, or content-farming services during any part of the interview process unless we explicitly permit it. We will clearly communicate when AI tools are allowed for specific assessments. Any indication of third-party assistance or AI-generated responses will result in immediate disqualification.

EEO Statement

Paymentus is an equal opportunity employer. We enthusiastically accept our responsibility to make employment decisions without regard to race, religious creed, color, age, sex, sexual orientation, national origin, ancestry, citizenship status, religion, marital status, disability, military service or veteran status, genetic information, medical condition including medical characteristics, or any other classification protected by applicable federal, state, and local laws and ordinances. Our management is dedicated to ensuring the fulfillment of this policy with respect to hiring, placement, promotion, transfer, demotion, layoff, termination, recruitment advertising, pay, and other forms of compensation, training, and general treatment during employment.

Reasonable Accommodation

Paymentus recognizes and supports its obligation to endeavor to accommodate job applicants and employees with known physical or mental disabilities who are able to perform the essential functions of the position, with or without reasonable accommodation. Paymentus will endeavor to provide reasonable accommodations to otherwise qualified job applicants and employees with known physical or mental disabilities, unless doing so would impose an undue hardship on the Company or pose a direct threat of substantial harm to the employee or others.

An applicant or employee who believes he or she needs a reasonable accommodation of a disability should discuss the need for possible accommodation with the Human Resources Department, or his or her direct supervisor.