Who We Are: Collective Insights is a group of experienced consultants who looked around and decided to create a different kind of partnership for the modern enterprise: one focused on increasing the business value of tailored transformation and technology solutions. We are rooted in three guiding principles:
- Transform Clients
- Nurture Careers
- Uplift Communities
What Makes Us Unique: At CI our core values are not just a set of words on a wall; they are uniquely woven into the fabric of who we are as a company.
- We Have Compassion: We respect each other and are free from bias of any kind in how we approach our work. We show esteem and honor for one another and the clients we serve.
- We Have Integrity: We are truthful, honest, and open in our actions and relationships, and perform our work with a high ethical standard.
- We Are Responsible: We are focused on growth the right way while fulfilling our obligations to each other and our clients.
- We Are Trusting: We have confidence in one another to do what we have committed to do. We always assume positive intent.
Don’t just take our word for it, hear it directly from our people:
“I was drawn to CI by its amazing company culture and people. From the very beginning, I was inspired by the collaborative and supportive environment that CI fosters. CI’s commitment to innovation and continuous improvement resonated with my personal values and career aspirations. Additionally, surrounding myself with such talented and passionate individuals has pushed me to grow more than I ever thought possible during my last two years at CI!”
Ruth Fitzgerald, Consultant
Job Description: As a Data Protection Leader, you will design, implement, and optimize enterprise data protection solutions across Information Protection (classification, labeling, encryption), Data Loss Prevention (endpoint, email, web/SSE, cloud), Insider Risk Management, eDiscovery & Records Management, and Data Security Posture Management (DSPM). You will translate business, compliance, and security needs into scalable architectures leveraging Microsoft Purview (primary) alongside Varonis and Proofpoint, integrating with client ecosystems to reduce risk, enable compliance, and drive measurable value realization.
What You Will Be Doing:
- Solution Design: Define target-state data protection architectures across labeling/encryption, DLP policies, insider risk models, eDiscovery workflows, records retention, and DSPM patterns. Ensure solutions are scalable, repeatable, and aligned to regulatory and Zero Trust data principles.
- Client Engagement: Facilitate assessments and architecture workshops; advise executives on regulatory and risk implications; recommend operating model changes for compliance and monitoring.
- Implementation: Guide conversion of architecture into secure designs and implementation plans; collaborate with Technical Specialists on configuration, policies, and automation (e.g., Purview policies, Varonis remediation, Proofpoint rules).
- Compliance & Risk Management: Align solutions to frameworks (NIST, ISO 27001, HIPAA/HITRUST, PCI DSS, SOX, FedRAMP, GDPR/CCPA). Define controls for data classification, retention, exfiltration, insider misuse, and auditability.
- Technical Leadership: Act as design authority; lead design reviews, threat modeling, and establish non-functional requirements (availability, DR, performance).
- Documentation & Reporting: Produce architecture diagrams, decision records, requirements, test/acceptance criteria, and runbooks. Provide status and outcome reporting.
- Continuous Improvement: Conduct post-implementation reviews; tune DLP/IRM/eDiscovery policies; codify reusable modules and playbooks.
- Practice Development: Support pursuits (SOW scoping, demos/POCs, pricing inputs) and represent the practice externally.
What You Bring:
- Experience: 5–8+ years in data protection across at least two domains (Information Protection, DLP, Insider Risk, eDiscovery/Records, DSPM) with enterprise delivery experience.
- Education: Bachelor’s in Computer Science, Information Security, or related field (or equivalent experience). Master’s/MBA preferred.
- Technical Expertise: Deep knowledge of Microsoft Purview, Varonis or Proofpoint. Strong knowledge of regulatory requirements and auditor expectations in sectors such as financial services, healthcare, and public sector. Familiarity with scripting/automation (PowerShell, Python, APIs, Logic Apps, Graph API).
- Solution Design & Implementation: Proven ability to craft secure, scalable architectures and trade-off analyses. Hands-on guidance of build teams implementing Purview labels/DLP, Varonis permissions cleanup, Proofpoint DLP/ITM, and DSPM integrations.
- Problem-Solving & Communication: Structured thinking and clear written/verbal communication from technical to executive levels; workshop facilitation and executive-ready materials.
- Certifications (preferred): Microsoft SC-400, SC-200, SC-100; CISSP, CCSP, CIPP; vendor certifications for Varonis or Proofpoint.
Additional Requirements:
- Availability for periodic client travel and professional engagements.
- Commitment to ongoing education and staying current on data protection trends (e.g., AI governance, DSPM, Zero Trust data).
Join us:
Joining our team means shaping the future of secure, data-driven business, building innovative solutions, and influencing industry standards. Together, we’ll deliver trusted outcomes and accelerate transformation with confidence.
Our Company is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations. It is our intent to maintain a work environment which is free of harassment, discrimination, or retaliation because of sex, gender, race, religion, color, national origin, physical or mental disability, genetic information, marital status, age, sexual orientation, gender identity, military service, veteran status, or any other status protected by federal, state, or local laws. The Company is dedicated to the fulfillment of this policy in regard to all aspects of employment, including but not limited to recruiting, hiring, placement, transfer, training, promotion, rates of pay, and other compensation, termination, and all other terms, conditions, and privileges of employment.