Lead Cybersecurity Engineer, Data Loss Prevention & AI Governance
McGraw Hill · United States
- Hybrid
- Full-time
- $163,000 / year
- United States
Job highlights
- Design and implement AI security and DLP controls.
- Prevent data leaks in generative AI platforms.
- Evaluate AI tool risks and ensure compliance.
- Partner with engineering and data science teams.
- Shape the future of education through impactful work.
About the role
Lead Cybersecurity Engineer, Data Loss Prevention & AI Governance
Build the Future
At McGraw Hill, we are dedicated to delivering digital learning experiences that transform education for learners and educators. Our focus is on creating seamless, impactful products that truly benefit our users while supporting growth and collaboration across teams. We foster a culture that values innovation, teamwork, and a balance between career growth and personal well-being.
How can you make an impact?
The Cybersecurity Engineer – AI & DLP is responsible for designing and implementing data protection and governance controls across enterprise AI platforms, such as generative AI and AI-assisted development tools. This position centers on preventing data leaks, overseeing AI interactions with sensitive information, and applying security policies using DLP technologies, logging, and automated controls. The engineer will assess risks associated with AI platforms, set up inspection and monitoring systems, and create governance frameworks that ensure AI tool usage complies with organizational security, privacy, and compliance standards.
This is a remote position open to applicants authorized to work for any employer within the United States.
What You'll Do:
- Define and implement AI security controls, such as prompt filtering, response inspection, redaction, and usage monitoring, to ensure enterprise AI tools operate within approved data protection and compliance boundaries.
- Evaluate inputs and outputs of enterprise AI tools (e.g., ChatGPT, Claude, and internal LLM platforms) to identify risks related to sensitive data exposure, prompt injection, and intellectual property leakage.
- Design and implement technical guardrails and monitoring controls—including prompt inspection, output filtering, and DLP policies—to ensure AI usage aligns with enterprise security and data governance standards.
- Design, implement, and operate Data Loss Prevention (DLP) controls to prevent the exposure of sensitive data across enterprise AI platforms and generative AI tools.
- Partner with engineering, AI/data science, and Digital Workspace teams to integrate security controls into AI platforms, including prompt monitoring, data classification, and access controls.
- Evaluate emerging AI tools, models, and AI-assisted development platforms to identify cybersecurity risks and recommend appropriate security requirements and mitigations.
- Implement logging, monitoring, and alerting capabilities to provide visibility into how enterprise data is accessed, processed, and shared through AI systems.
- Develop and enforce policies and technical controls that prevent the use of sensitive data (e.g., PII, credentials, proprietary content) within AI prompts, training datasets, or integrations.
- Design and implement a Data Loss Prevention (DLP) strategy throughout all MH infrastructure systems (MS Purview, Zscaler, cloud environments). Operationalize the alert and triage standard operating procedures to protect sensitive emails, uploads, and other avenues of data loss.
- Support the design of secure architecture for enterprise AI platforms, including controls for data handling, model access, API usage, and third-party integrations.
- Contribute to security awareness and guidance for developers and employees on safe and responsible use of generative AI tools.
Who You Are:
- 15+ years of applicable experience.
- Bachelor's degree in computer science, Engineering, or related field.
- Strong communication skills and comfortability working directly with business stakeholders, vendors, and leadership.
- Ability to present risks and recommendations to leadership.
- Ability to translate complex identity concepts into business value.
- Understanding the Model Context Protocol (MCP), Retrieval-Augmented Generation (RAG), and API integrations.
- Strong knowledge of DLP technical controls, concepts, and end user computing behaviors.
- Experience with administration of the Microsoft tool suite, particularly M365 Copilot, GitHub Copilot, Microsoft Purview.
Preferred:
- In-depth knowledge of agentic AI usage and guardrails from an end user and development perspective.
- Knowledge of infrastructure and engineering of client/server compute systems.
Why work for us?
The work you do at McGraw Hill will be work that matters. We are collectively building experiences that will help shape the future of education. Play your part and experience a sense of fulfilment that will inspire you to even greater heights.
The pay range for this position is between $136,000 - $190,000 annually. However, base pay offered may vary depending on job-related knowledge, skills, experience, and location. An annual bonus plan may be provided as part of the compensation package, in addition to a full range of medical and/or other benefits, depending on the position offered. Click here to learn more about our benefit offerings.
McGraw Hill recruiters always use a “@mheducation.com” email address and/or from our Applicant Tracking System, iCIMS. Any variation of this email domain should be considered suspicious. Additionally, McGraw Hill recruiters and authorized representatives will never request sensitive information in email.
Key skills/competency
- Cybersecurity Engineering
- Data Loss Prevention (DLP)
- AI Governance
- Prompt Engineering
- Security Controls
- Risk Assessment
- Microsoft Purview
- Generative AI
- Data Protection
- Security Architecture
Skills & topics
- Cybersecurity Engineer
- Data Loss Prevention
- AI Governance
- Lead Engineer
- Cybersecurity
- DLP
- AI Security
- Microsoft Purview
- Generative AI
- Risk Management
- Computer Science
- Engineering
- Remote
- US Jobs
- Technology
How to get hired
- Tailor your resume: Highlight your 15+ years of experience in cybersecurity, DLP, and AI governance, emphasizing specific tools like Microsoft Purview and your understanding of RAG and MCP.
- Craft a strong application: Clearly articulate your ability to translate complex security concepts into business value and showcase your experience in designing and implementing DLP strategies.
- Prepare for interviews: Be ready to discuss your experience with prompt filtering, output inspection, and risk assessment for AI platforms. Practice presenting security recommendations to leadership.
- Demonstrate technical expertise: Be prepared to discuss your knowledge of DLP controls, AI security concepts, and experience with M365 Copilot and GitHub Copilot.
Technical preparation
Behavioral questions
Frequently asked questions
- What is the salary range for the Lead Cybersecurity Engineer position at McGraw Hill?
- The salary range for this Lead Cybersecurity Engineer position at McGraw Hill is between $136,000 and $190,000 annually. The final offer will depend on factors such as your specific skills, experience, and location.
- Is the Lead Cybersecurity Engineer role at McGraw Hill remote?
- Yes, this Lead Cybersecurity Engineer role is a remote position. Applicants must be authorized to work for any employer within the United States.
- What are the key responsibilities of the Cybersecurity Engineer – AI & DLP at McGraw Hill?
- The Cybersecurity Engineer – AI & DLP is responsible for designing and implementing data protection and governance controls for enterprise AI platforms, preventing data leaks, overseeing AI interactions with sensitive information, and applying security policies using DLP technologies.
- What specific AI tools and technologies will I work with as a Cybersecurity Engineer at McGraw Hill?
- As a Cybersecurity Engineer at McGraw Hill, you will evaluate and work with enterprise AI tools such as ChatGPT, Claude, and internal LLM platforms. You will also implement controls for AI-assisted development platforms and manage DLP strategies using tools like Microsoft Purview and Zscaler.
- What qualifications are required for the Lead Cybersecurity Engineer position?
- The Lead Cybersecurity Engineer position requires 15+ years of applicable experience, a Bachelor's degree in computer science, Engineering, or a related field, strong communication skills, and a deep understanding of DLP technical controls and AI security concepts, including experience with the Microsoft tool suite.
- How can I ensure my application stands out for the Lead Cybersecurity Engineer role at McGraw Hill?
- To make your application stand out, tailor your resume to highlight your extensive experience in cybersecurity, DLP, and AI governance. Emphasize your success in implementing security controls, your familiarity with relevant tools like Microsoft Purview, and your ability to communicate complex technical information to leadership.
- Does McGraw Hill offer benefits for this role?
- Yes, McGraw Hill offers a full range of medical and/or other benefits, depending on the position offered. An annual bonus plan may also be provided as part of the compensation package.
- What is McGraw Hill's process for verifying recruiter communications?
- McGraw Hill recruiters exclusively use '@mheducation.com' email addresses or communicate through their Applicant Tracking System (iCIMS). Any communication from a different domain should be considered suspicious, and recruiters will never request sensitive information via email.