The Senior Cyber Data Protection Engineer will operate as a member of the [Author by Humana] technology Cybersecurity leadership team reporting to the Chief Information Security Officer (CISO). This
role contributes [Author by Humana] enterprise goals as an experienced and active cyber security professional practitioner and a skilled technologist. This role will also contribute to a lean Cybersecurity analytics metrics and reporting operations functions for a cloud-first, consumer-friendly, fast-moving, agile operating model. The Senior Cyber Data Protection Engineer will be accountable and responsible for delivering results, shaping culture, and cultivating cloud and data analysis talent, and operating within organizational and enterprise boundaries to rapidly analyze and use data in support of selecting, architecting, deploying and operating cloud-first Cybersecurity technology solutions. Success in this role requires an in-depth understanding of public cloud technologies, agile/DevSecOps practices and the ability to build collaborative relationships with other teams within [Author by Humana] (engineering, product, architecture, operations, service management, Cybersecurity, infosec, privacy, regulatory compliance, etc.) and across the broader Humana Inc. Enterprise (Enterprise architecture, infrastructure, Enterprise information protection).
The Senior Cyber Data Protection Engineer contributes to [Author by Humana] enterprise goals as a hands-on, experienced, and active cyber security practitioner professional and a skilled technologist. They will participate in a dynamic team of cloud Cybersecurity and data protection architects, engineers and operations technologists to protect [Author by Humana] assets, data, brand and consumers in a cloud-first consumer-friendly operating model. This role will be responsible for partnering with IT Architecture, IT Engineering, IT Software Engineering, IT Operations, DevOps and lines of business leaders and their teams to ensure that Cybersecurity data protection and analytics and reporting is available to be consumed and help make data-driven decisions across [Author by Humana] enterprise and to ensure that our people, technologies and processes are adequately secured and monitored and meet Cybersecurity regulations at state, national and international levels. This role will work with a variety of data types and data storage systems in the cloud and from legacy systems to find creative and innovative ways to manage cyber-risks and to enable leaders and operational teams with data, reports, dashboards to help them make data-driven decisions. This role will need to be able to organize various data sets into structure repositories that will enable automated analysis that can populated.
regulatory compliance reporting and metrics for the overall health and operational effectiveness of the Cybersecurity program as part of the overall risk management and compliance programs across the [Author by Humana] enterprise. This is a hands-on role where the Senior Cyber Data Protection Engineer is required to have the technical skills to understand the analyze complex data sets, logs and log types, event and event types, database schemas and data feeds to move data to/from/through the end to end analytics process. This role will require a Cybersecurity professional and practitioner that has the experience, confidence and technical skills to rethink routine and leverage new and innovative approaches to cyber-risk management and be able to communicate complex concepts to broad range of stakeholders and align them to the strategic and tactical actions required to execute to implementation completion to operational sustainment.
Key activities for Senior Cyber Data Protection Engineer function:
- Liaison for other corporate data analytics teams and lines of business outside of [Author by Humana] with Humana Inc and other external, contractors, service providers, vendors, law enforcement and vendors to extract cybersecurity data.
- Establish data content discovery and content / file classification and tagging solutions and operational practices that track and manage risk of data content loss/leakage or unauthorized use or access or regulated/high value data and minimize the risks of data security and/or data privacy breaches.
- Partner with and support other [Author by Humana] technology and business leaders and teams to help them has access to actionable Cybersecurity data and analysis results that support their operations and decision-making processes in timely manner.
- Establishing and executing on data content inspection and file tagging/classification policies, standards, and practices
- Incorporate end user behavior with data content access, flow and collaboration into Cybersecurity training and awareness program to enforce data protection compliance and acceptable use policy enforcement.
- Build and maintain data structures and databases in support of Cybersecurity and cyberoperations risk management.
- Aggregate, normalize and analyze various log, event and data sources into cloud storage at Microsoft and Google cloud providers and use cloud analytics technologies to create actionable Cybersecurity intelligence that help driver operational actions.
- Analyze data and enable machine learning, advanced analytics, and AI in support of Cybersecurity.
- Model business processes for analysis and optimization in support of Cybersecurity risk management outcomes
- Analyze Cybersecurity events logs and alerts to identity high risk activities and use that data to trigger operational risk mitigations.
- Implement tools to visualize data analysis results Create Cybersecurity risk metrics and reports and present results and interpretations to [Author by Humana] leadership.
- Analyze data from Cybersecurity incidents, security and privacy breaches that can aid in post event investigations.
- Analyze logs, events and alerts through the technology and operational ecosystem to derive root causes for Cybersecurity and technology operational disruptions, outages, anomalies.
- Create data movement/piping scripts to bulk move data around securely to facility the data aggregation and data analysis processes (batch, stream, push, pull, trigger, schedule, etc.)
- Use data analysis results to adjust, tune and otherwise making changes and improvements to our Cybersecurity operational processes, technologies, policies, standards and overall practices that drives down Cybersecurity risks to acceptable levels
- 4+ years of experience in cyber security and/or information protection practitioner and/or
- Clear understanding of cloud data/log/event collection, storage, analysis and computing and how SaaS, PaaS and IaaS solutions can accelerate innovation and delivery, while generating operational efficiencies.
- 4- or 5-years’ undergraduate degree in STEM (science, technology, engineering, mathematics) or Computer Information Sciences or related discipline or 10+ years of experience in role/field Cybersecurity profession.
- 2+ years of experience or working knowledge of HIPAA Security and HIPAA Privacy regulations and requirements or Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) or NIST Special Publication 800 series Cybersecurity standards.
- 3 or more years of experience in Cyber Data Protection and/or Data Leakage Prevention and/or Cyber Data Analytics
- Experience with one or more ETL platforms Microsoft, Google, Microsoft Cloud Application Security, Google Big Table, Relational Database Management Solutions, Columnar Databases, Mongo DB, Oracle DB, SQL, No-SQL, or similar Security Information & Event Management solutions.
- Proficient in scripting one or more of the following technologies Python, PowerShell, API, legacy VBS.
- Experience with Power App platform, with a concentration on Power BI.
- Experience with a public cloud platform in one or more of the following cloud environments (Google Cloud Platform, Microsoft Azure, Azure AD and Office 365, Amazon Web Services)
- Competence in creating high quality reports, dashboards, graphs and metrics summary / tracking tools and visually stimulating and effective/useful displays.
- Proficient in the use of cloud native technologies, cloud Cybersecurity, and implementation patterns to lower costs, improve speed to market, increase efficiency, and enable innovation.
- A passion for simplifying and automating workflows, for making complex things easy and efficient, constantly finding new uses for data and turning data into usable information, insights and actions.
- Proficient at articulating key messages effectively and guiding IT leaders and business partners on key concepts and strategies for enabling technology innovation.
- Experience with one or more from Microsoft Sentinel, Google Backstory, Splunk, Microsoft Cloud Application Security, Google Big Table, Relational Database Management Solutions, Columnar Databases, Mongo DB, Oracle DB, SQL, No-SQL, or similar Security Information & Event Management solutions.
- Healthcare domain experience including delivering products or solutions for payers, providers, pharmacy or medical equipment and/or consumer solutions
- Cybersecurity professional certification as CISSP, CISSMP, CISSAP or CISSPE or equivalent
The successful candidate will
- Be self-directed, highly engaged, able to navigate through ambiguity.
- Have demonstrated expertise in cybersecurity strategy development and execution in a fast-paced, cloud-first, internet-only business environment.
- Leverage high EQ to build and maintain solid relationships with key business leaders and stakeholders.
- Bring a broad set of experiences with cybersecurity, as you will be consulted for guidance on topics that are technical, non-technical, and everything in between.
- High level of technical acumen.
During your first 100 days, you can expect to
- Learn about Author, a fresh, cloud-first organization whose mission is to knock down barriers to health and be a catalyst so that people can live their lives on their terms.
- Meet your Author cybersecurity team, who seeks to provide modern protection capabilities to enable and empower agile, innovative and member-friendly business outcomes.
- Familiarize with the data landscape at Author and Humana.
- Gain a deep understanding of the technologies in place that support cybersecurity, particularly the data and cloud technology, where you will become the subject matter expert and data engineer.
- Make connections with key leaders and stakeholders in the business, especially the ones who act as control owners – key players in managing cyber risk.
- Help control owners assess risk, develop controls and safeguards, and optimize processes.
- Get to know Author’s cybersecurity policies so you can apply them, interpret them for others, improve them, and create new policies when needed.
- Understand Author’s cybersecurity compliance efforts and requirements and facilitate compliance assessments.
How We Work
We knock down barriers to health and are a catalyst so that people can live their best lives on their terms.
- Build Trust: Our team is authentic, we are honest and transparent, and we make promises and then deliver on them. You can rely on us, always.
- Embrace Positivity: We believe in the power of positive messages, positive emotions, and positive relationships to motivate our teammates and our members to live their best lives.
- Be Curious and Humble: We don’t know everything. To deliver on our mission, we need to be intensely curious and open to challenging own assumptions about the world, the industry, the solution, and our own members’ experiences.
- Solve Problems with Creativity: We are especially skilled in navigating complexity, solving tough problems, and making concepts real as we forge a new path in healthcare.
- Elevate Others: We value the impact and contributions of our teammates and members. We are supportive leaders, collaborating and building relationships to enable others to reach their highest potential.
- Value Diverse Perspectives: We value each individual for who they are and their unique skills. In building diverse teams and learning from the perspectives of others, we create more inclusive solutions.
Scheduled Weekly Hours
- Address Louisville, KY, USA
- Salary Offer $100.000 ~
- Experience Level Manager
- Total Years Experience 5-10
- Academic Degree Bachelors