Senior Data Security Engineer (DRM Specialist)

Barbaricum is seeking a Senior Data Security Engineer (DRM Specialist) to support a Zero Trust cybersecurity initiative for U.S. Special Operations Command (USSOCOM). This role will serve as the technical subject matter expert for Digital Rights Management (DRM), encryption policy enforcement, and data-centric security architecture across classified and unclassified environments.

The selected candidate will design and implement attribute-based encryption and rights management policies to ensure sensitive data remains protected regardless of location or transport. This position plays a critical role in integrating identity attributes, data classification, and encryption technologies to enable dynamic, policy-driven access control across the enterprise.

• →Architect and configure enterprise DRM platforms including Kiteworks Private Content Network and Microsoft Purview Information Protection.
• →Design and implement Attribute-Based Access Control (ABAC) policies to enforce dynamic access decisions based on user clearance, role, and device trust posture.
• →Manage the lifecycle of encryption keys and cryptographic infrastructure, including Bring Your Own Key (BYOK) and customer-managed key models.
• →Implement advanced secure collaboration capabilities allowing controlled viewing and editing of sensitive documents.
• →Configure rights management policies restricting unauthorized actions such as copy, printing, screen capture, or external sharing.
• →Integrate DRM platforms with identity systems and data classification tools to ensure consistent policy enforcement.
• →Support operations across hybrid and air-gapped classified networks.

• Active DoD Top Secret clearance with SCI eligibility.
• Master’s degree in Cybersecurity, Computer Science, Mathematics, or related technical field.
• 10+ years of relevant cybersecurity or data protection experience.
• Extensive experience implementing enterprise Digital Rights Management (EDRM) or Information Rights Management (IRM) solutions.
• Strong knowledge of cryptographic protocols and standards (AES-256, RSA, PKI).
• Experience designing and implementing Attribute-Based Access Control (ABAC) policies.
• Experience supporting cross-domain or classified network environments.

• Experience with Hardware Security Modules (HSM) such as Thales or Entrust.
• Knowledge of NIST SP 800-53 security controls.
• Experience integrating DRM platforms with identity governance solutions such as SailPoint.
• Kiteworks administrator certification.

• CompTIA Security+ CE (DoD 8570 IAT Level II)

• Microsoft Information Protection Administrator (SC-400)
• Certified Information Systems Security Professional (CISSP)

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.