Senior Data Protection Engineer

JOB SUMMARY

Location: Remote (United States) 

Eligibility: U.S. Citizenship is required.

The Senior Data Protection Engineer is a critical member of the Data Protection team, responsible for the design, implementation, and maintenance of the organization's data protection infrastructure and applications. The Senior Engineer will lead complex projects, troubleshoot critical incidents, and provide technical guidance and mentorship to team members. They will also lead the development of Data Protection engineering policies, standards and procedures. This role requires deep expertise in Microsoft Purview, ForcePoint, BigID, Varonis, Windows, Linux, GKE, Encryption, and other data loss prevention (DLP) and data security posture management (DSPM) tools.

ESSENTIAL RESPONSIBILITIES

• Lead the design, implementation, and maintenance of the organization's data protection infrastructure across multiple platforms and vendors, ensuring optimal performance, scalability, and security. This includes DLP, DSPM, data de-identification solutions, and etc.

• Design and architect robust data protection solutions that align with business requirements and industry best practices. This encompasses both on-premises and cloud-based environments (GCP, AWS, Azure).

• Develop, implement, and maintain data protection policies across all relevant platforms and systems. This includes configuring sensitive information types, tuning detection parameters, managing exception lists, and etc.

• Conduct thorough root cause analysis to determine the underlying causes of errors, leveraging advanced troubleshooting techniques and escalating to appropriate teams when necessary to ensure timely and effective remediation

• Proactively manage complex data protection projects with minimal supervision, leading meetings, providing technical presentations, and effectively communicating project status and proposals to stakeholders. This includes representing the data protection engineering team in cross-functional initiatives

• Develop custom data protection solutions and automation scripts (e.g., PowerShell, Python) to enhance efficiency, streamline processes, and support the deployment and maintenance of data protection software. This includes integrating with existing systems, and leveraging DevOps practices such as Git, CI/CD pipelines, and Helm charts for efficient deployment and management.

• Provide technical leadership and mentorship to team members, fostering a culture of continuous learning and improvement within the data protection team

• Stay up-to-date on relevant data privacy regulations and industry standards, ensuring the organization maintains a strong data protection posture

• Other duties as assigned or requested.

EXPERIENCE

Required

• 7 years of experience with Data Loss Prevention

• 7 years of experience with Information Security and Systems Analysis

• 5 years of experience with at least two modern programming languages (Python, Java, JavaScript, BASH, PowerShell etc.)

• 5 years of experience with designing and providing architectural support to at least two of the following cloud service providers: Google Cloud Platform, Amazon Web Services or Azure

• 5 years of experience with deploying and maintaining infrastructure for DLP software's

• 5 years of experience with creating and managing DLP policies

• 5 years of experience with Operating Systems and Software Administration

Preferred

• 3 years of experience with Kubernetes or other Container orchestration technologies

• 3 years of experience with Gitlab or other versioning control tools and processes

SKILLS

• Demonstrates ability to achieve stretch goals in a highly innovative and fast-paced environment.

• Ability to communicate and present to other technology groups and leaders

• Kubernetes or other Container orchestration technologies

• Gitlab or other versioning control tools and processes

• Terraform or other automation technologies

• Skills in infrastructure support, such as networking

• Strong teamwork and inter-personal skills

• Familiarity with secure SDLC best practices 

• Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, PCI, HIPAA, HITECH, COBIT, ISO 27001/2, and ITIL 3

EDUCATION

Required

• Bachelor’s degree in Information Security, Information Systems, Information Assurance, Computer Science or related field

Substitutions

• 7 years of Information Security, Governance, Risk and/or Compliance, Information Technology or Business Analysis with at least 5 years of experience with hands-on Engineering principles

Preferred

• Master’s degree in Information Security, Information Systems, Information Assurance, Computer Science or related field

LICENSES or CERTIFICATIONS

Required

• None

Preferred

• CISSP

• Advanced certification in any of these cloud providers - GCP, AWS or Azure (E.g. Professional Cloud Architect/Security Engineer)

• Terraform or similar certification

Language:

• None

Travel Required:

• Less than 25%

PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS

Position Type

• Office-Based or Remote Position

Physical work site required

• Occasionally

Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.
Compliance Requirement: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.
As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times.  In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy. 
Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.

Pay Range Minimum:

Pay Range Maximum:

Base pay is determined by a variety of factors including a candidate’s qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations.  The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets.

Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.

We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.

For accommodation requests, please contact HR Services Online at [email protected]

California Consumer Privacy Act Employees, Contractors, and Applicants Notice