Staff Cybersecurity Architect - Data Security & Data Loss Prevention

You desire impactful work. You reRGA ready RGA is a purpose-driven organization working to solve today s challenges through innovation and collaboration. A Fortune 200 Company and listed among its World s Most Admired Companies, we re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all. The Staff Cybersecurity Architect - Data Security & Data Loss Prevention is a senior technical leader responsible for designing, implementing,validating, and continuously measuring enterprise data securityposture,data protection controls,and reference architectures. This role ensures data protection controls are embedded throughout endpoint, identity, collaboration,storage,dataplatformsandcryptographic trust services, applying securebydesign and zero trust principles acrossmulti-cloud, SaaS, andon premisesenvironments. The Data Security& Data Loss Preventionarchitectoperatesat the intersection of architecture, engineering, and audit readiness, proactively translating regulatory and business risk into deployable, testable, and measurable controls.The architect willchampioncontrolsthatare not onlywell designedbut operationalized, continuouslyvalidated, and demonstrably effective. Through close collaboration with platform stakeholdersand service owners, the role advances the organization s data protection maturity while enabling scalable,audit readydefenses. Principle Duties • Develop, maintain, and evolve enterprise data security and data loss prevention architectures aligned to business objectives, regulatory requirements, and data classification standards. • Champion the integration of datacentric security controls across endpoint, identity, collaboration, storage, and data platforms, ensuring secure by default and least privilege principles. • Design and operationalize Microsoft Purview Information Protection and DLP capabilities, including sensitivity labeling, classification, policy enforcement, and user experience considerations. • Architect and implement Microsoft Defender capabilities (Endpoint, Identity, Office 365, Cloud Apps) to protect data throughout its lifecycle. • Serve as a senior technical authority for data security and DLP across Windows, macOS, Windows Server, and Linux environments, ensuring consistent enforcement across heterogeneous platforms. • Integrate Microsoft Security capabilities with complementary platforms such as Varonis Data Security to provide comprehensive data protection. • Author and maintain data security and DLP standards, reference architectures, and technical guardrails aligned to NIST and internal security frameworks. • Convert business risks and regulatory obligations into technical requirements and traceable, measurable mitigation strategies. • Evaluate new platforms, tools, and vendors for strategic fit, security posture, and architectural impact. • Provide technical leadership, mentorship, and escalation support for complex data security and DLP challenges. • Communicate control posture, risks, and recommendations clearly to engineering, audit, and leadership stakeholders. • Continuously assess and improve data security posture through metrics, dashboards, and control validation. • Collaborate with PKI teams to manage certificate lifecycle operations, including issuance, renewal, revocation, and inventory. • Perform other duties as assigned. Education • Bachelor s degree in arts/sciences (BA/BS) or equivalent experience - Required • Active CIPT, CDPSE, CISSP certification - Preferred • Additional certifications (e.g., Microsoft SC100/SC400/AZ500, Varonis DSE, CDP, CISA, GIAC, CCSP) - Preferred Work Experience • 8+ years of progressive experience in information technology security/infrastructure engineering/architecture - Required • 6+ years of data security and data loss prevention control implementation/architecture experience focused on technical control design, implementation, and validation in enterprise environments - Required • Demonstrated success designing and deploying enterprise data security and data loss prevention technology controls, platforms, and programs - Required • Deep understanding of industry best practices, ISO 27001/27701, SOC 2 and NIST aligned compliance and security frameworks, particularly as they relate to data protection and DLP - Required • Strong technical background in data classification, Varonis Data Security, Microsoft Purview, and Microsoft Defender security suite across hybrid on-premise and multi-cloud infrastructure. - Required • Proven experience supporting audit, regulatory, or certification efforts through technical control implementation and validation - Required • Ability to map and document complex systems and data flows; advanced analytical and problem-solving skills, including competency with tooling such as Lucid chart, Visio...