athenahealth

Senior Information Security Engineer- DLP/Insider Threat

Found on Mokaru

17 hours ago

Salary

$96k - $164k/yearly

Job description

Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.

Employer work visa sponsorship and support are not provided for this role. Applicants must be currently authorized to work in the United States at hire and must maintain authorization to work in the United States throughout their employment with our company.

Senior Information Security Engineer- DLP/Insider Threat

Position Summary

The Senior Information Security Engineer- DLP/Insider Threat helps protect athenahealth’s sensitive company, customer, workforce, and healthcare data. This role supports the operation and improvement of data loss prevention and insider risk capabilities across endpoint, email, SaaS, cloud, collaboration, identity, and security platforms.

This is a hands-on, engineering-focused role with an emphasis on tool configuration, alert tuning, technical troubleshooting, evidence quality, workflow improvement, and cross-functional response.

About the Team

This team supports data protection and insider risk capabilities that help safeguard PHI, PII, confidential business data, intellectual property, credentials, and other sensitive or regulated information. The work spans security tooling, alert triage, investigations, policy tuning, and operational support in partnership with multiple security and business teams.

Essential Job Responsibilities

DLP and insider risk platform operations

Configure, monitor, and tune DLP, UEBA, DSPM/SSPM, and insider risk controls.

Support tools such as Cyberhaven, Proofpoint, CrowdStrike, and Splunk.

Maintain policies, classifiers, thresholds, exceptions, alert routing, and workflow logic.

Support protection for PHI, PII, confidential business data, IP, credentials, and other sensitive data.

Tooling, telemetry, and troubleshooting

Troubleshoot tooling issues, endpoint policy behavior, telemetry gaps, alert quality, and coverage concerns.

Validate data flows, integrations, event quality, and control effectiveness with platform owners and security partners.

Identify improvements that reduce false positives, increase detection fidelity, and improve reliability.

Alert triage and investigation

Triage alerts involving sensitive data movement, endpoint activity, SaaS usage, email exfiltration, external sharing, removable media, personal cloud storage, unusual user behavior, and AI tool usage.

Escalate cases to the Cybersecurity Operations Center as needed.

Correlate findings across security tools when needed.

Data exposure and control improvement

Investigate data movement and user activity to identify policy tuning opportunities and potential incidents.

Assess potential sensitive data exposure through AI workflows where telemetry is available.

Recommend and help implement improvements that reduce data loss risk while preserving productivity and user experience.

Process, reporting, and cross-functional support

Maintain playbooks, SOPs, dashboards, metrics, reports, escalation paths, and evidence-handling practices.

Partner with Incident Response, Cloud Security, Access Control, Endpoint Engineering, Privacy, Legal, Compliance, HR, and business stakeholders.

Support alert routing, case workflows, integrations, and automation improvements.

Support audits, control testing, and reporting related to HIPAA, data protection, and information security requirements.

Team support and on-call coverage

Cross-train team members in tool administration, workflows, and troubleshooting.

Serve as backup support for team responsibilities and workflows.

Participate in 24x7 on-call responsibilities.

Expected Education & Experience

Bachelor’s degree or equivalent practical experience.

Strong foundational skills in operating system, hardware, software, and network troubleshooting.

Experience in information security, DLP, insider risk, UEBA, security operations, endpoint security, data/SaaS/AI security posture management, email security, or related technical security work.

Hands-on experience administering, monitoring, or tuning enterprise security tools such as DLP, insider risk, UEBA, email security, endpoint security, cloud security posture, secrets detection, SIEM, or case management platforms.

Experience supporting data protection controls across cloud, SaaS, endpoint, email, repository, data storage, or AI-enabled environments.

Experience analyzing alerts, logs, user activity, endpoint activity, email events, cloud findings, repository findings, or data movement patterns.

Experience administering end-user computers and troubleshooting issues as they arise.

Helpful certifications or training may include Security+, GCIH, GCFE, CDPSE, CIPP/US, AIGP, CCSK, Microsoft SC-401, or insider risk training, but they are not required.

Required Knowledge & Skills

Knowledge of DLP, insider risk, UEBA, email security, cloud exposure, secrets detection, endpoint telemetry, and common exfiltration paths.

Ability to configure, tune, and troubleshoot tools such as Cyberhaven, Proofpoint, Orca, GitGuardian, CrowdStrike, Splunk, or similar platforms.

Understanding of PHI, PII, ePHI, confidential business data, intellectual property, credentials, and regulated data handling.

Ability to investigate alerts systematically, separate signal from noise, document findings, and escalate appropriately.

Strong judgment, discretion, and integrity when handling sensitive information.

Clear written and verbal communication skills for both technical and non-technical stakeholders.

Ability to work independently, follow through on commitments, and manage competing priorities.

Familiarity with Microsoft Purview eDiscovery and ticketing systems such as ServiceNow and Jira.

Why This Role Matters

This role strengthens athenahealth’s ability to protect sensitive data, detect risk early, and respond effectively to insider threat and data loss scenarios. The work supports both security outcomes and business productivity through practical, well-tuned controls.

Expected Compensation

$96,000 - $164,000

The base salary range shown reflects the full range for this role from minimum to maximum. At athenahealth, base pay depends on multiple factors, including job-related experience, relevant knowledge and skills, how your qualifications compare to others in similar roles, and geographical market rates. Base pay is only one part of our competitive Total Rewards package - depending on role eligibility, we offer both short and long-term incentives by way of an annual discretionary bonus plan, variable compensation plan, and equity plans.

About athenahealth

Our vision: In an industry that becomes more complex by the day, we stand for simplicity. We offer IT solutions and expert services that eliminate the daily hurdles preventing healthcare providers from focusing entirely on their patients — powered by our vision to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.

Our company culture: Our talented employees — or athenistas, as we call ourselves — spark the innovation and passion needed to accomplish our vision. We are a diverse group of dreamers and do-ers with unique knowledge, expertise, backgrounds, and perspectives. We unite as mission-driven problem-solvers with a deep desire to achieve our vision and make our time here count. Our award-winning culture is built around shared values of inclusiveness, accountability, and support.

Our DEI commitment: Our vision of accessible, high-quality, and sustainable healthcare for all requires addressing the inequities that stand in the way. That's one reason we prioritize diversity, equity, and inclusion in every aspect of our business, from attracting and sustaining a diverse workforce to maintaining an inclusive environment for athenistas, our partners, customers and the communities where we work and serve.

What we can do for you

Along with health and financial benefits, athenistas enjoy perks specific to each location, including commuter support, employee assistance programs, tuition assistance, employee resource groups, and collaborative workspaces — some offices even welcome dogs.

We also encourage a better work-life balance for athenistas with our flexibility. While we know in-office collaboration is critical to our vision, we recognize that not all work needs to be done within an office environment, full-time. With consistent communication and digital collaboration tools, athenahealth enables employees to find a balance that feels fulfilling and productive for each individual situation.

In addition to our traditional benefits and perks, we sponsor events throughout the year, including book clubs, external speakers, and hackathons. We provide athenistas with a company culture based on learning, the support of an engaged team, and an inclusive environment where all employees are valued.

Learn more about our culture and benefits here: athenahealth.com/careers

https://www.athenahealth.com/careers/equal-opportunity
