Data Protection Security Engineer – Netskope

Title: Data Protection Security Engineer – Netskope Lead
Job Type: Contract
Contract Length: 6 Months
Pay Range: $85 - $95/hour
Start Date: ASAP
Location: Hybrid (Onsite in Foster City, CA – minimum of 3 days per week in office)

About the Opportunity:

Our client, a leader in the technology and automotive innovation space, is looking for a skilled Data Protection Security Engineer (Netskope Lead) to join their team for a 6-month engagement. This project involves managing the end-to-end deployment and administration of the Netskope platform, specifically focusing on Next-Generation Secure Web Gateway (NG SWG) and Network Private Access (NPA). Additionally, this role will drive the strategy, design, and testing of a comprehensive Data Loss Prevention (DLP) program. This is a high-impact role that requires a self-motivated professional who can hit the ground running, manage complex enterprise security architectures, and deliver results quickly.

Key Responsibilities & Deliverables:

This role is focused on the successful completion of specific tasks and deliverables. Your responsibilities will include:

• Platform Implementation: Lead the full lifecycle deployment of Netskope NG SWG and NPA, including architecture design, tenant configuration, and integration with identity providers (e.g., Okta, Azure AD).
• Security Policy Management: Configure and maintain SSL/TLS inspection, URL filtering, threat protection profiles, and cloud application controls.
• DLP Strategy & Tuning: Develop, test, and tune comprehensive DLP profiles (covering PII, PHI, PCI, and IP) to ensure detection accuracy while minimizing false positives.
• Access Architecture: Define publisher placement and access policies aligned with zero-trust (ZTNA) and least-privilege principles.
• Documentation & Compliance: Produce and maintain architecture diagrams, operational runbooks, and policy documentation in collaboration with Legal, Compliance, and Data Governance teams.

Required Skills & Experience:

We are looking for someone with a proven track record of successful contract engagements. The ideal candidate will have:

• 8+ years of experience in network security, cloud security, or information security engineering.
• 2+ years of hands-on experience deploying and managing Netskope NG SWG and/or NPA in an enterprise environment.
• Demonstrated experience developing and managing DLP policies, including policy design, testing, and tuning.
• Deep understanding of zero-trust network access (ZTNA) concepts and proxy architectures.
• Demonstrated ability to work autonomously and manage your own time effectively to meet project goals.
• Proficiency with identity and access management platforms (e.g., Okta, Azure AD, SAML, SCIM).
• Strong communication skills to provide clear and concise status updates to security, IT, and business leadership.

W2 only (No C2C or 1099 contractors)

#LI-LG1