Job Title: Data Security Principal Architect
Location: Allentown, PA (Lehigh Valley) OR Providence, RI (Hybrid – 3 Days Onsite per Week)
Duration: 12+ months contract
Job Overview
The Data Security Principal Architect will serve as a strategic leader and technical expert within the cybersecurity organization, responsible for designing and implementing enterprise-wide data protection frameworks. This role focuses on securing structured, semi-structured, and unstructured data across modern cloud platforms and AI-driven environments.
The ideal candidate will have strong expertise in Microsoft security tools, data governance, and AI/LLM security practices, along with the ability to guide large-scale enterprise security initiatives.
Job Description
This role involves architecting and implementing robust data security solutions by integrating traditional Microsoft Information Protection tools with modern AI-centric data security approaches. The architect will work closely with cybersecurity, data governance, cloud operations, and AI/ML teams to ensure end-to-end data protection, compliance, and risk mitigation across the organization.
The position requires hands-on experience with tools such as Azure Purview, Microsoft Defender, DLP solutions, and Snowflake, along with a strong background in data engineering and enterprise architecture.
Roles and Responsibilities
- Define and lead the enterprise data protection strategy across all data types (structured, semi-structured, unstructured).
- Align data security practices with regulatory and compliance requirements such as NERC, SOX, CCPA, and GDPR.
- Architect and implement Azure Purview for data classification, governance, and insider risk management.
- Design and manage Data Loss Prevention (DLP) policies across endpoints, cloud platforms, email, and collaboration tools (Microsoft 365, SharePoint).
- Lead the secure implementation of AI data pipelines, including Retrieval-Augmented Generation (RAG) architectures and vector databases.
- Implement encryption strategies such as Transparent Data Encryption (TDE) and evaluate advanced methods like Fully Homomorphic Encryption (FHE) and Differential Privacy (DP).
- Develop and execute strategies for legacy data cleanup, including de-duplication, archiving, migration, and long-term retention optimization.
- Define Data Security Posture Management (DSPM) strategy and architecture.
- Establish data incident response protocols and security playbooks.
- Evaluate and integrate third-party tools for data discovery, monitoring, and tokenization.
- Provide architectural guidance and security best practices to product, engineering, and AI/ML teams.
- Develop threat models, security patterns, and governance frameworks.
- Collaborate with stakeholders to balance security, usability, and operational efficiency.
Required Qualifications and Certifications
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 10+ years of experience in Information Security, Data Security, or Data Architecture roles.
- Strong hands-on experience with:
  - Azure Purview
  - Microsoft Defender
  - Data Loss Prevention (DLP) tools
  - Snowflake
- Experience working with data engineering teams or in data-driven environments.
- Knowledge of data protection in cloud platforms, including Azure and data lakes (e.g., Azure Synapse).
- Strong understanding of cryptographic standards such as AES, SHA, and TLS.
- Familiarity with modern data security concepts including DSPM and AI/LLM security practices.
- Experience in highly regulated industries is preferred.
- Professional certifications preferred:
  - CISSP
  - SANS/GIAC
  - Microsoft Azure Security certifications
- Strong communication, leadership, and stakeholder management skills.
- Ability to assess and balance security risks with business and operational needs.