Become a part of our caring community

(Candidate should be located in one of the following metro areas: Louisville, KY Dallas / Frisco, TX, Ft. Lauderdale / Tampa, FL Nashville, TN)

Position Overview:

Humana is seeking a Cyber Data Protection Engineer to support the day-to-day operation of enterprise Data Security and Data Loss Prevention (DLP) controls across multiple enforcement layers, including CASB, Data Classification, Email, Endpoint, and Web DLP. This role is highly operational in nature and focuses on DLP detection analysis, request and control exception assessment, control validation, compliance support, and ongoing support of data protection controls.
The engineer will work closely with Security, Compliance, Legal, Privacy, and business teams to research and respond to Data Security inquiries received through centralized intake channels. This role plays a key part in maintaining the effectiveness, reliability, audit readiness, and continuous improvement of Humana's Data Security and DLP program while enabling secure business operations.

Key Responsibilities

Data Security & DLP Operational Support:

• Provide day-to-day operational support for enterprise Data Security and DLP controls across email, endpoint, cloud, and collaboration platforms.
• Monitor and respond to inquiries received through the Data Security mailbox, including questions related to DLP alerts, data classification, control behavior, and approved exception handling.
• Research and analyze DLP alerts to support end-user inquiries, validate policy behavior, and determine appropriate response and follow-up actions.
• Troubleshoot and explain DLP and data classification control behavior to technical and non-technical stakeholders and end-users.
• Perform DLP control testing and validation to ensure controls are functioning as designed and aligned with policy intent.
• Implement minor DLP control tuning activities, including rule refinements and approved TLS domain updates, following change management standards.
• Provide DLP operational support for subsidiary organizations as needed.
• Assess and manage intake of Data Security and DLP-related requests, including:
• Control Review Committee (CRC) requests
• Incident (INC) tickets
• Problem (PRB) tickets
• Security investigation requests and inquiries
• Evaluate Data Security and DLP control exception requests using a risk-based approach and generate documented recommendations regarding approval, implementation, or denial.
• Perform regular audits of approved control exceptions to validate continued business justification, adherence to exception conditions, and expiration timelines.
• Evaluate SaaS and Shadow IT cloud application usage to identify potential data exposure risks and support governance or remediation activities.

Governance, Compliance & Audit Support

• Support Control Compliance Activities (CCA) and Control Self-Assessments (CSA), including response coordination, evidence collection, and remediation tracking.
• Gather, validate, and provide audit evidence to support internal and external compliance assessments such as SOC 2, HITRUST, and NIST.
• Manage and maintain the Data Security policy and control lifecycle, including documentation upkeep and control mapping to regulatory and framework requirements.
• Review and ensure operational alignment with Humana policies and standards related to Data Security and information protection.

Documentation, Metrics & Continuous Improvement

• Develop, update, and maintain Data Security and DLP documentation, including process documents, procedures, SOPs, runbooks, wikis, and knowledge base articles.
• Gather, compile, and report operational metrics related to DLP alerts, control exceptions, compliance activities, and control effectiveness.
• Support Application & Enterprise Platform (AEP) readiness activities for managed Data Security and DLP tools and solutions.
• Assist Team Leads and Senior Engineers with Data Security and DLP maturity initiatives, optimization efforts, and continuous improvement projects as needed.

Use your skills to make an impact Required Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• Minimum of 3–5 years of experience in cybersecurity, data protection, or security operations roles within an enterprise environment.
• Hands-on experience supporting Data Loss Prevention (DLP) or information protection tools in an operational, alert-driven environment.
• Working knowledge of data classification, data handling, and information protection concepts.
• Familiarity with regulatory requirements such as HIPAA‑HITECH, PCI‑DSS, GLBA, etc., and security, compliance, and privacy frameworks such as NIST, SOC2, and HITRUST.
• Strong analytical and investigative skills with the ability to assess risk and make sound operational decisions.
• Effective written and verbal communication skills, with the ability to work across technical and business teams.
• Experience supporting compliance activities such as control assessments, evidence collection, and audit response.
• Demonstrated ability to assess and improve process efficiency, including identifying operational gaps, reducing manual effort, and contributing to repeatable and scalable workflows.
• Experience developing, updating, and maintaining process and procedure documentation, including SOPs, runbooks, knowledge base articles, and operational guidance.
• Strong experience providing end-user assistance and support, including responding to inquiries, explaining security control behavior, and guiding users through data protection requirements.
• Strong analytical and investigative skills with the ability to assess risk and make sound operational decisions.
• Effective written and verbal communication skills, with the ability to collaborate across technical teams, compliance partners, and business users.

Preferred Qualifications

• 3+ years of experience with enterprise DLP, Data Classification, and SIEM platforms such as:
• Microsoft Purview Data Loss Prevention and Information Protection
• Microsoft Defender for Cloud Apps
• Zscaler Data Loss Prevention and CASB
• Crowd Strike Falcon Data Protection
• Proof Point DLP
• Symantec DLP
• Splunk
• Google Chronicle
• Azure Sentinel
• Cyera
• Netskope DLP
• Experience supporting regulated environments (healthcare, insurance, or financial services).

Security-related certifications (e.g., Security+, CISSP, CISM) or progress toward certification

Additional Information

Remote/WAH requirements:

• WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office.
• A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
• Satellite and Wireless Internet service is NOT allowed for this role.
• A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information

Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.

Scheduled Weekly Hours

40

Pay Range

The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.

$89,000 - $121,400 per year

This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.

Description of Benefits

Humana, Inc. and its affiliated subsidiaries (collectively, “Humana”) offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.

About us

About Humana: Humana Inc. (NYSE: HUM) is a leading U.S. healthcare company. Through our Humana insurance services and our Center Well healthcare services, we make it easier for the millions of people we serve to achieve their best health – delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare and Medicaid, families, individuals, military service personnel, and communities at large. Learn more about what we offer at Humana.com and at Center Well.com.

Equal Opportunity Employer

It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.