Senior Information Security Engineer – DLP/Insider Threat

This is a fully remote position, open to applicants in Massachusetts.

📋 Description

• Assist in safeguarding the sensitive data of athenahealth, including that of the company, customers, workforce, and healthcare.

• Aid in the operation and enhancement of data loss prevention and insider risk capabilities across endpoints, email, SaaS, cloud services, collaboration tools, identity management, and security platforms.

• Configure, supervise, and optimize DLP, UEBA, DSPM/SSPM, and insider risk controls.

• Support tools like Cyberhaven, Proofpoint, CrowdStrike, and Splunk.

• Oversee policies, classifiers, thresholds, exceptions, alert routing, and workflow logic.

• Resolve issues with tools, endpoint policy behavior, telemetry gaps, alert quality, and coverage concerns.

• Validate data flows, integrations, event quality, and control effectiveness in collaboration with platform owners and security partners.

• Manage alerts related to sensitive data movement, endpoint activities, SaaS usage, email exfiltration, external sharing, removable media, personal cloud storage, unusual user behavior, and AI tool engagement.

• Maintain playbooks, standard operating procedures (SOPs), dashboards, metrics, reports, escalation paths, and evidence-handling protocols.

• Collaborate with Incident Response, Cloud Security, Access Control, Endpoint Engineering, Privacy, Legal, Compliance, HR, and business stakeholders.

• Provide cross-training to team members on tool administration, workflows, and troubleshooting.

• Participate in 24/7 on-call duties.

⛳️ Requirements

• Bachelor's degree or equivalent practical experience in a relevant field.

• Strong foundational skills in troubleshooting operating systems, hardware, software, and networks.

• Experience in information security, DLP, insider risk, UEBA, security operations, endpoint security, data/SaaS/AI security posture management, email security, or related technical security roles.

• Practical experience in administering, monitoring, or tuning enterprise security tools such as DLP, insider risk, UEBA, email security, endpoint security, cloud security posture, secrets detection, SIEM, or case management platforms.

• Experience in supporting data protection controls across cloud, SaaS, endpoint, email, repositories, data storage, or AI-enabled environments.

• Proficiency in analyzing alerts, logs, user activity, endpoint actions, email events, cloud findings, repository findings, or patterns of data movement.

• Experience in administering end-user computers and resolving issues as they arise.

🏝️ Benefits

• Health insurance

• Retirement plans

• Flexible work arrangements

• Professional development opportunities

• Bonuses

• Commuter support

• Employee assistance programs

• Tuition assistance

• Employee resource groups

• Collaborative workspaces