Lead DLP Content Development Information Security Engineer

About This Role

Wells Fargo is seeking a Lead DLP Content Development Information Security Engineer with deep expertise in Data Loss Prevention (DLP) policy authoring and content development. This role is responsible for designing, authoring, testing, and tuning DLP rules that protect sensitive data across various channels, translating business and regulatory requirements into precise detection logic. The ideal candidate will continuously improve signal quality, produce technical documentation, and partner with various teams to implement effective, scalable DLP controls.

Responsibilities

• Author, maintain, and optimize DLP rules and policies using techniques such as regular expressions, keyword/dictionary-based detection, Exact Data Match (EDM)/Indexed Data Match (IDM), document fingerprinting, machine-learning classifiers, and classification labels/metadata.
• Translate business requirements, regulatory obligations, and risk scenarios into detection logic, comprehensive test cases, and promotion criteria.
• Conduct technical investigations of security events and incidents, including post-incident analysis and digital forensics, to identify root causes and recommend mitigation strategies.
• Continuously tune DLP policies to reduce false positives and negatives using telemetry, triage feedback, and controlled experimentation, measuring and reporting precision, recall, and block efficacy.
• Manage DLP policy-as-code artifacts using version control, peer review, and change-management processes, maintaining traceability from requirement to implementation.
• Develop and maintain operational runbooks, exception/release-code workflows, user-facing guidance/FAQs, and release notes for policy updates and changes.
• Partner with DLP operations and Incident Response teams to triage alerts and events, analyze trends/root causes, and drive corrective actions with data owners and application teams.
• Define, track, and report key performance and risk indicators (KPIs/KRIs), including alert volumes, false-positive rates, channel coverage, and policy maturity.
• Support audits and regulatory exams by preparing evidence, maintaining documentation, and supporting quarterly and annual reviews.
• Align DLP rules and enforcement with Wells Fargo's information classification and labeling program, ensuring consistent use of tags and labels in policy conditions.
• Serve as a subject matter expert for SaaS and application security reviews, AppMail and data-egress use cases, and secure data-sharing controls.
• Collaborate cross-functionally with Information Protection, Risk, Legal, Messaging & Collaboration, Endpoint, and Cloud teams to safely deploy and evolve controls.
• Mentor peers and contribute to standards, reusable patterns, and best practices for DLP engineering and security content development.

Requirements

• 5+ years of Engineering experience
• 5+ years of experience in information protection, DLP engineering, or security content development
• Hands-on experience authoring and managing policies on one or more enterprise DLP platforms (Microsoft Purview, Broadcom (Symantec) DLP, Forcepoint, Proofpoint, Zscaler, or equivalent)
• Strong expertise in regex and pattern-matching techniques
• Working knowledge of EDM/IDM
• Familiarity with sensitive data types (PII, PHI, PCI)
• Familiarity with data classification and labeling
• Familiarity with modern collaboration and productivity platforms (Microsoft 365, Google Workspace)
• Scripting and query proficiency (PowerShell, SQL, and/or Python)
• Experience working in Git-based version control and CI/CD workflows
• Excellent written communication and documentation skills

Qualifications

• 5+ years of Engineering experience, or equivalent demonstrated through work experience, training, military service, or education. 5+ years of experience in information protection, DLP engineering, or security content development.

Nice to Have

• Experience in financial services or other highly regulated industries
• Familiarity with NIST 800-53 / 800-171
• Familiarity with ISO/IEC 27001
• Familiarity with Data privacy and protection requirements
• Knowledge of endpoint DLP, CASB/SSE, secure web gateways, email security, OCR, and document fingerprinting technologies
• Background in exception governance and release-code processes

Skills

* Required skills

Benefits

Certifications