Corporate Security Engineer - Data Governance and DLP

Category-defining tech. Career-defining work.

Lots of tech companies disrupt. But, many fail when they try to scale. We're different. CockroachDB makes it easier for companies to build and scale apps. This is how and why we're helping some of the most innovative companies on the planet. We tackle problems head-on and focus on solutions that create lasting impact. 

Because when our customers win, we all win. 

 

The Role

Cockroach Labs is looking for an experienced Data Governance and Data Loss Prevention Engineer to join our Corporate Engineering team. This is a hands-on, cross-functional role focused on protecting Cockroach Labs’ data across endpoints, cloud platforms, and SaaS applications. You’ll take a leading role in the management of our DLP program, participate in incident response, and coordinate with the rest of the team on other aspects of Cockroach Lab’s corporate security. 

The ideal candidate has experience working on enterprise-level DLP programs, including hands-on work with CASB tools like Netskope, Zscaler, or similar. You know how to strike the right balance between strong data protections and enabling business operations, and you’re excited about building out a scalable data governance framework as we continue to grow. The right candidate is self motivating, eager to learn, and able to provide a high standard of user support when needed.

In this role, you’ll also have an opportunity to make a significant impact by helping to level up our Data Loss Prevention program and build out our Data Governance framework.

You Will

• Support the design, implementation, and maintenance of DLP controls to safeguard sensitive data.
• Administer and optimize CASB platforms such as Netskope or Zscaler to enforce policies across cloud apps and data flows.
• Develop and maintain scalable data classification and governance frameworks aligned with business and regulatory needs.
• Monitor, triage, and respond to DLP alerts and incidents across email, endpoints, and SaaS environments.
• Help analyze and reduce the use of Shadow IT and SaaS application sprawl generally.
• Collaborate with Legal, Compliance, and other teams to improve the vendor management and review process, as well as the AI application review process, as it relates to Data Governance and data loss prevention. 
• Design and implement automation to improve DLP visibility and reduce manual processes.
• Define and track KPIs for DLP effectiveness; regularly report findings and risk trends to leadership.
• Partner with legal, compliance, and security teams to support initiatives related to SOC 2, ISO 27001, GDPR, and third-party risk.
• Support internal security awareness programs and training initiatives around data handling and protection.
• Conduct risk assessments and recommend control improvements for internal and vendor data practices.
• Participate in incident response efforts, including investigation, containment, and remediation.
• Collaborate with the rest of the Corporate Security team and provide backup for other CorpSec functions as required. 
• Collaborate with IT and security teams to align access management, endpoint security, and governance policies

The Expectations

In your first 30 days, you will become an integrated member of our Corporate Engineering Team. You’ll become familiar with our existing systems and processes. We believe that it's essential for you to take this first month to become familiar with our technology, processes and our company.

In your second month, you will collaborate with the team in order to evaluate the current state of the DLP program and set a course for improvements and scope out projects to bolster our security posture. You will work to implement new DLP policies and enhance existing ones. 

In your third month, you will begin to take the reins of our Data Loss Prevention program and begin to build our new Data Governance framework. You will lead the effort to monitor and respond to DLP related security events, working to fine tune detections and reduce false positives. You will begin to set KPIs for the DLP program in order to track its effectiveness.

You Have

• 4+ years of experience in a Security Operations/IT security position
• 2+ years of hands-on experience with DLP tools and technologies (e.g., endpoint, web proxy, and email solutions). Specific experience with Netskope preferred.
• A strong understanding of standard corporate IT systems such as office networks, physical security systems, email and DNS configuration, file sharing systems, etc. 
• Experience independently managing short and long term projects.
• Experience with local and SaaS AI tools, as well as AI tool data flows. Knowledge of and experience with cutting edge AI tools like agentic models and MCP preferred. 
• Knowledge of security and compliance frameworks like NIST, SOC2, ISO270001, PCI-DSS.
• Experience performing risk assessments, gap assessments, and threat modeling. 
• Strong knowledge of overall security concepts and best practices. 
• Experience with SIEM tools preferred, not required. Creating detections, automated responses a plus.
• Experience with creating automations with low/no code automation tools, such as Tines, or using a scripting language like python, nice to have.
• Experience with IT systems like Okta, Google Workspace, Crowdstrike Falcon, 1Password, etc nice to have.
• Relevant security certifications such as Sec+, CISSP, or DLP related certifications preferred but not required.

The Team

In addition to your reporting director, you will work closely with senior management.

Reporting to Richard Dachtera - Senior Manager, Corporate Engineering

Richard is the founding member of the Corporate Engineering team at Cockroach Labs. Over the last two and a half years he’s owned every aspect of the organization. He helped bring the company to SOC2 compliance, supported the company during the COVID transition and opened three offices for the company. Before Cockroach Labs he spent five years at Dropbox as their founding Corporate Engineer hire in New York and then Seattle. 

Mike Geehan  - Senior Director of Security

Mike Geehan is responsible for the safety and security of CockroachDB Cloud and surrounding infrastructure. Mike joined Cockroach Labs from a DC based start-up, and prior to that spent time in larger tech companies in a wide range of roles. Mike is focused on team development. Enabling and growing his team is paramount to the success of the team, and hence the business as a whole. Mike is based in Houston, Texas, and outside of work is focused on his family, his bikes, and in getting a cycling related non-profit organization off the ground.

 

Cockroach Labs is proud to be an Equal Opportunity Employer building a diverse and inclusive workforce. If you need additional accommodations to feel comfortable during your interview process, please email us at accessibility@cockroachlabs.com.

Cockroach Labs has a hybrid work model, with Roachers that are local to one of our offices coming in on Mondays, Tuesdays, and Thursdays and working flexibly the rest of the week. While we’ve learned valuable lessons working remotely, nothing can replace the connection, creativity, and fun that occurs when Roachers get together and we are committed to fostering a workplace that encourages collaboration and allows us all to do our best work.

Benefits

• Stock Options
• Medical Insurance
• Vision Insurance
• Dental Insurance
• Life and Disability Insurance
• Professional Development Funds
• Flexible Time Off
• Paid Holidays
• Paid Sick Days
• Paid Parental Leave
• Retirement Benefits
• Mental Wellbeing Benefits
• And more!

The annual anticipated base salary range for U.S. candidates for this role is listed in USD below. Salary is one component of the Cockroach Labs’ Total Rewards package, which also includes, for each employee: stock options, medical insurance, vision insurance, dental insurance, life and disability insurance, funds towards professional development resources, flexible paid time off, 11 paid holidays a year, 10 paid sick days a year, paid parental leave, a 401(k) plan, and wellbeing benefits.  

We set standard ranges for all U.S.-based roles based on function, level, and geographic location, benchmarked against similar stage growth companies. Actual salaries may vary and fall outside of this range depending on factors such as a candidate’s qualifications, geographic location, skills, experience, and competencies. In addition, we are often open to a wide variety of profiles, and recognize that the person we hire may be less experienced (or more senior) than this job description as posted. 

Salaries for candidates outside the U.S. will vary based on local compensation structures. 

This position will remain posted until filled. Applicants should apply via our Careers Page.

Annual Anticipated Base Salary Range (U.S)$116,000—$154,000 USD