Provide day-to-day operational support for enterprise Data Security and DLP controls across email, endpoint, cloud, and collaboration platforms.
Monitor and respond to inquiries received through the Data Security mailbox, including questions related to DLP alerts, data classification, control behavior, and approved exception handling.
Research and analyze DLP alerts to support end-user inquiries, validate policy behavior, and determine appropriate response and follow-up actions.
Troubleshoot and explain DLP and data classification control behavior to technical and non-technical stakeholders and end-users.
Perform DLP control testing and validation to ensure controls are functioning as designed and aligned with policy intent.
Implement minor DLP control tuning activities, including rule refinements and approved TLS domain updates, following change management standards.
Provide DLP operational support for subsidiary organizations as needed.
Assess and manage intake of Data Security and DLP-related requests, including Control Review Committee (CRC) requests, Incident (INC) tickets, Problem (PRB) tickets, and Security investigation requests and inquiries.
Evaluate Data Security and DLP control exception requests using a risk-based approach and generate documented recommendations regarding approval, implementation, or denial.
Perform regular audits of approved control exceptions to validate continued business justification, adherence to exception conditions, and expiration timelines.
Evaluate SaaS and Shadow IT cloud application usage to identify potential data exposure risks and support governance or remediation activities.
Support Control Compliance Activities (CCA) and Control Self-Assessments (CSA), including response coordination, evidence collection, and remediation tracking.
Gather, validate, and provide audit evidence to support internal and external compliance assessments such as SOC 2, HITRUST, and NIST.
Manage and maintain the Data Security policy and control lifecycle, including documentation upkeep and control mapping to regulatory and framework requirements.
Review and ensure operational alignment with Humana policies and standards related to Data Security and information protection.
Develop, update, and maintain Data Security and DLP documentation, including process documents, procedures, SOPs, runbooks, wikis, and knowledge base articles.
Gather, compile, and report operational metrics related to DLP alerts, control exceptions, compliance activities, and control effectiveness.
Support Application & Enterprise Platform (AEP) readiness activities for managed Data Security and DLP tools and solutions.
Assist Team Leads and Senior Engineers with Data Security and DLP maturity initiatives, optimization efforts, and continuous improvement projects as needed.

Requirements

Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
Minimum of 3–5 years of experience in cybersecurity, data protection, or security operations roles within an enterprise environment.
Hands-on experience supporting Data Loss Prevention (DLP) or information protection tools in an operational, alert-driven environment.
Working knowledge of data classification, data handling, and information protection concepts.
Familiarity with regulatory requirements such as HIPAA‑HITECH, PCI‑DSS, GLBA, etc., and security, compliance, and privacy frameworks such as NIST, SOC2, and HITRUST.
Strong analytical and investigative skills with the ability to assess risk and make sound operational decisions.
Effective written and verbal communication skills, with the ability to work across technical and business teams.
Experience supporting compliance activities such as control assessments, evidence collection, and audit response.
Demonstrated ability to assess and improve process efficiency, including identifying operational gaps, reducing manual effort, and contributing to repeatable and scalable workflows.
Experience developing, updating, and maintaining process and procedure documentation, including SOPs, runbooks, knowledge base articles, and operational guidance.
Strong experience providing end-user assistance and support, including responding to inquiries, explaining security control behavior, and guiding users through data protection requirements.

Benefits

medical, dental and vision benefits
401(k) retirement savings plan
time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave)
short-term and long-term disability
life insurance and many other opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Data Loss Prevention (DLP)data classificationinformation protectioncybersecuritysecurity operationscontrol assessmentsaudit responseprocess documentationrisk assessmentoperational metrics

Soft Skills

analytical skillsinvestigative skillseffective communicationcollaborationprocess efficiencyproblem-solvingend-user supportdecision-makingdocumentation skillscontinuous improvement

Certifications

Bachelor's degree in Computer ScienceBachelor's degree in Information SecuritySOC 2HITRUSTNIST complianceHIPAA-HITECHPCI-DSSGLBA