Data Security Engineer

WHY UT SOUTHWESTERN?
With over 75 years of excellence in Dallas-Fort Worth, Texas, UT Southwestern is committed to excellence, innovation, teamwork, and compassion. As a world-renowned medical and research center, we strive to provide the best possible care, resources, and benefits for our valued employees. Ranked as the number 1 hospital in Dallas-Fort Worth according to U.S. News & World Report , we invest in you with opportunities for career growth and development to align with your future goals. Our highly competitive benefits package offers healthcare, PTO and paid holidays, on-site childcare, wage, merit increases and so much more. We invite you to be a part of the UT Southwestern team where you'll discover a culture of teamwork, professionalism, and a rewarding career!

JOB SUMMARY
Position reports in Enterprise Data Services and is instrumental in architecting, implementing, and maintaining robust security configurations across our enterprise data platform, ensuring the confidentiality, integrity, and availability of our most valuable assets. this role requires strong expertise in both data engineering principles and advanced data security architecture. This position is eligible for hybrid work schedule. Please note, this position does not support H1B visa sponsorship.

BENEFITS
UT Southwestern is proud to offer a competitive and comprehensive benefits package to eligible employees. Our benefits are designed to support your overall wellbeing, and include:

• PPO medical plan, available day one at no cost for full-time employee-only coverage
• 100% coverage for preventive healthcare-no copay
• Paid Time Off, available day one
• Retirement Programs through the Teacher Retirement System of Texas (TRS)
• Paid Parental Leave Benefit
• Wellness programs
• Tuition Reimbursement
• Public Service Loan Forgiveness (PSLF) Qualified Employer
• Learn more about these and other UTSW employee benefits!

EXPERIENCE AND EDUCATION

Required

• Education
  Bachelor's Degree in Computer Science, Data Engineering, Cybersecurity, or a related technical field or
  Master's Degree in Computer Science, Data Engineering, Cybersecurity, or a related technical field.

• Experience
  5 years of professional experience in Data Engineering, Information Security, or a combination of both, with a strong focus on securing large-scale data platforms.

JOB DUTIES

• The Data Security Engineer will be responsible for defining and enforcing the security posture of our data ecosystem, while also contributing to core data platform architecture.
• Security Architecture & Implementation: Design, implement, and manage advanced security configurations for the data platform, focusing specifically on tools like Azure Purview for data governance, Data Loss Prevention (DLP) strategies, and Data Security Posture Management (DSPM) across cloud environments.
• IAM & Access Control: Expertly define, configure, and maintain Identity and Access Management (IAM) and Role-Based Access Control (RBAC) policies across data environments (e.g., data lakes, data warehouses, streaming platforms) to enforce the principle of least privilege.
• Data Engineering & Pipeline Security: Collaborate with Data Engineering teams to embed security controls directly into data ingestion and processing pipelines, ensuring data is secured and compliant from source to consumption.
• Protocol Establishment: Establish and maintain comprehensive safety protocols and controls to protect all data collected, processed, and used by the organization throughout its entire lifecycle.
• Compliance and Governance: Ensure the strict compliance of data security policies, processes, and standard operating procedures (SOPs) within the day-to-day management and operation of the data platform.
• Security Assessment and Optimization: Continually assess the effectiveness of existing security measures, identify vulnerabilities, and recommend necessary updates, renewals, or new opportunities for improving the security landscape.
• Secure Data Transfer: Implement mechanisms to avoid unsafe data transmission. Design and manage confidential data transfers, ensuring they are protected using robust methods like firewall protection and encryption.
• Vulnerability Testing: Plan, execute, and analyze results from regular penetration testing and vulnerability scanning on the data systems to proactively identify and remediate weaknesses.
• Incident Response & Forensics: Participate in the data security incident response process, specifically by compiling post-breach information and data for comprehensive forensic analysis and reporting.
• Performs other duties as assigned.

SECURITY AND EEO STATEMENT

Security
This position is security-sensitive and subject to Texas Education Code 51.215, which authorizes UT Southwestern to obtain criminal history record information. To the extent this position requires the holder to research, work on, or have access to critical infrastructure as defined in Section 117.001(2) of the Texas Business and Commerce Code, the ability to maintain the security or integrity of the critical infrastructure is a minimum qualification to be hired and to continue to be employed in the position.

EEO
UT Southwestern Medical Center is committed to an educational and working environment that provides equal opportunity to all members of the University community. As an equal opportunity employer, UT Southwestern prohibits unlawful discrimination, including discrimination on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity, gender expression, age, disability, genetic information, citizenship status, or veteran status.