[Remote] Senior Information Security Engineer- DLP/Insider Threat
Note: This is a remote job, open to candidates in the USA.

athenahealth is a company focused on creating a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all. They are seeking a Senior Information Security Engineer- DLP/Insider Threat to protect sensitive data and improve data loss prevention and insider risk capabilities across various platforms. The role involves hands-on engineering tasks, including tool configuration, alert tuning, and cross-functional collaboration to safeguard sensitive information.

Responsibilities

DLP and insider risk platform operations
- Configure, monitor, and tune DLP, UEBA, DSPM/SSPM, and insider risk controls
- Support tools such as Cyberhaven, Proofpoint, CrowdStrike, and Splunk
- Maintain policies, classifiers, thresholds, exceptions, alert routing, and workflow logic
- Support protection for PHI, PII, confidential business data, IP, credentials, and other sensitive data

Tooling, telemetry, and troubleshooting
- Troubleshoot tooling issues, endpoint policy behavior, telemetry gaps, alert quality, and coverage concerns
- Validate data flows, integrations, event quality, and control effectiveness with platform owners and security partners
- Identify improvements that reduce false positives, increase detection fidelity, and improve reliability

Alert triage and investigation
- Triage alerts involving sensitive data movement, endpoint activity, SaaS usage, email exfiltration, external sharing, removable media, personal cloud storage, unusual user behavior, and AI tool usage
- Escalate cases to the Cybersecurity Operations Center as needed
- Correlate findings across security tools when needed

Data exposure and control improvement
- Investigate data movement and user activity to identify policy tuning opportunities and potential incidents
- Assess potential sensitive data exposure through AI workflows where telemetry is available
- Recommend and help implement improvements that reduce data loss risk while preserving productivity and user experience

Process, reporting, and cross-functional support
- Maintain playbooks, SOPs, dashboards, metrics, reports, escalation paths, and evidence-handling practices
- Partner with Incident Response, Cloud Security, Access Control, Endpoint Engineering, Privacy, Legal, Compliance, HR, and business stakeholders
- Support alert routing, case workflows, integrations, and automation improvements
- Support audits, control testing, and reporting related to HIPAA, data protection, and information security requirements

Team support and on-call coverage
- Cross-train team members in tool administration, workflows, and troubleshooting
- Serve as backup support for team responsibilities and workflows
- Participate in 24x7 on-call responsibilities

Skills
- Bachelor's degree or equivalent practical experience
- Strong foundational skills in operating system, hardware, software, and network troubleshooting
- Experience in information security, DLP, insider risk, UEBA, security operations, endpoint security, data/SaaS/AI security posture management, email security, or related technical security work
- Hands-on experience administering, monitoring, or tuning enterprise security tools such as DLP, insider risk, UEBA, email security, endpoint security, cloud security posture, secrets detection, SIEM, or case management platforms
- Experience supporting data protection controls across cloud, SaaS, endpoint, email, repository, data storage, or AI-enabled environments
- Experience analyzing alerts, logs, user activity, endpoint activity, email events, cloud findings, repository findings, or data movement patterns
- Experience administering end-user computers and troubleshooting issues as they arise
- Knowledge of DLP, insider risk, UEBA, email security, cloud exposure, secrets detection, endpoint telemetry, and common exfiltration paths
- Ability to configure, tune, and troubleshoot tools such as Cyberhaven, Proofpoint, Orca, GitGuardian, CrowdStrike, Splunk, or similar platforms
- Understanding of PHI, PII, ePHI, confidential business data, intellectual property, credentials, and regulated data handling
- Ability to investigate alerts systematically, separate signal from noise, document findings, and escalate appropriately
- Strong judgment, discretion, and integrity when handling sensitive information
- Clear written and verbal communication skills for both technical and non-technical stakeholders
- Ability to work independently, follow through on commitments, and manage competing priorities
- Familiarity with Microsoft Purview eDiscovery and ticketing systems such as ServiceNow and Jira
- Helpful certifications or training may include Security+, GCIH, GCFE, CDPSE, CIPP/US, AIGP, CCSK, Microsoft SC-401, or insider risk training, but they are not required

Benefits
- Short and long-term incentives by way of an annual discretionary bonus plan, variable compensation plan, and equity plans
- Health and financial benefits
- Commuter support
- Employee assistance programs
- Tuition assistance
- Employee resource groups
- Collaborative workspaces
- Flexibility
- Sponsor events throughout the year, including book clubs, external speakers, and hackathons
- Company culture based on learning, the support of an engaged team, and an inclusive environment where all employees are valued

Company Overview

Athenahealth is a provider of medical practice automation and claims management software to medical groups and health systems. It is a sub-organization of Bain Capital. It was founded in 1997, and is headquartered in Watertown, Massachusetts, USA, with a workforce of 5001-10000 employees. Its website is http://www.athenahealth.com.