Sr Engineer - Privacy Monitoring

Senior Information Security Engineer

The Senior Information Security Engineer is a hands‑on platform owner within the Security Engineering and Automation (SEA) team. This role carries end‑to‑end accountability for the operational health, integration, and vendor relationship of assigned security and compliance platforms, partners with the business and technical teams that depend on those platforms, and serves as a technical liaison across Information Security when investigations or incidents require coordinated handling.

• Own operational reliability, configuration, upgrades, integration health, and change governance for assigned security platforms, with documented runbooks and rollback readiness.
• Serve as a technical contact for security platform vendors. Manage support escalations and track case resolution.
• Partner with users who depend on security platforms, translating their requirements into sustainable technical capability.
• Build dashboards, reports, and user enablement to give partner teams the views and capabilities they need to operate efficiently.
• Serve as a technical liaison across Security Operations during investigations or incidents, coordinating evidence handling and handoff between Security Operations teams.
• Integrate platforms with SIEM and SOAR for enrichment, correlation, and case workflow. Maintain posture metrics and report them to partner teams, Security Operations leadership, and the CISO on a defined cadence.

• Healthcare or regulated industry experience with familiarity with HIPAA, HITECH, PCI, SOX, or comparable regulatory frameworks.
• Experience with an insider threat, user behavior analytics, or patient privacy monitoring platforms.
• Certifications such as CISSP, GCIA, GCIH, or Splunk enterprise security certifications.
• Work Location:
  
  Hybrid – minimum of 2 days per week on‑site.

Bachelor's Degree – bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required).

5+ years of experience in cybersecurity with a focus on engineering and implementation of cybersecurity controls, systems, and applications (Required).

• Limited experience in the application of key cybersecurity practices, controls, and frameworks.
• Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk‑related concepts to technical as well as non‑technical audiences.
• Some experience in the implementation of cybersecurity applications and systems including network devices, firewalls, asset management tools, access management systems, and active directory.
• Some experience participating in the application of systems engineering principles including requirements definition, system design, test planning and documentation, integration, and functional and operational testing.
• Limited experience with engineering practices related to performing operational tradeoffs in performance, functionality, cost, and efficiency.
• Some experience in performing test measurement and analysis of cybersecurity and IT systems.

• Initiates and executes tasks involving the identification of cybersecurity system performance.
• Initiates and shapes tasking involving the operation, monitoring, and analysis of cybersecurity applications and systems.
• Coordinates actions involving the testing and deployment of cybersecurity systems including firewalls, network analysis tools, access management systems, and vulnerability management applications.
• Coordinates actions necessary to recover from system failures.
• Identifies key reporting metrics associated with cybersecurity systems.