Lead Data Security Engineer

You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world. As a diversified, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.

Position Purpose:

The Lead Data Platforms Security Engineer is responsible for designing, implementing, and optimizing enterprise-wide data protection strategies across hybrid environments. This role ensures the confidentiality, integrity, and availability of sensitive data by leading engineering efforts, integrating advanced security controls, and aligning with regulatory and organizational standards. As a strategic technical leader, the engineer collaborates across infrastructure, compliance, and business units to drive maturity in data security posture and operational resilience.

• Own the lifecycle of data platform security infrastructure, including configuration, deployment, and preventative maintenance.
• Lead operational and technical support for server environments and data center services.
• Engineering Leadership and Data Security Strategy.
• Develop and execute a unified, scalable, and risk-informed data security framework.
• Implement Data Security Posture Management (DSPM) for discovery, classification, tagging, and monitoring of structured/unstructured data.
• Advanced Threat Protection.
• Integrate Data Loss Prevention (DLP) tools with SIEM/SOAR platforms for automated threat detection and response.
• Tune DLP policies based on incident trends and business needs.
• Compliance and Governance.
• Align security controls with HIPAA, NIST, ISO 27001, and internal governance standards.
• Support audit readiness and regulatory reporting through continuous monitoring and documentation.
• Cross-Functional Collaboration.
• Serve as a technical liaison in architecture service design and steering committee meetings.
• Partner with IT, compliance, and business stakeholders to ensure secure-by-default platform strategies.
• Innovation and Optimization.
• Evaluate and deploy AI-enhanced security tools to improve detection accuracy and reduce false positives.
• Provide recommendations for system upgrades and process improvements.
• Mentorship and Development.
• Guide junior engineers and contribute to career development initiatives aligned with the NICE Framework.
• Performs other duties as assigned.
• Complies with all policies and standards.

Education/Experience:

A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and requires 5 - 7 years of related experience.

Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.

Technical Skills:

Core Security Engineering Skills:

• Cybersecurity Principles: Deep understanding of confidentiality, integrity, availability, authentication, and non-repudiation.
• Security Control Frameworks: Experience with NIST SP 800-53, CIS CSC, ISO 27001, and the Cybersecurity Framework (CSF).
• Vulnerability Management: Ability to recognize and remediate vulnerabilities using tools like Tenable, Wiz, and others.

Data Protection & DLP Expertise:

• Data Loss Prevention (DLP): Hands-on experience with Proofpoint, Zscaler, and Microsoft Purview.
• AI-Enhanced DLP: Familiarity with anomaly detection, false positive reduction, and behavioral analytics (e.g., Material Security, Sigma agents).
• Exact Data Match (EDM): Ability to partner with data warehouse teams to build EDM repositories for improved detection.

Cloud Security & Infrastructure:

• Cloud Platforms: Proficiency in AWS and Azure, including Defender for Cloud Apps (MCAS) and cloud connectors.
• Endpoint Controls: Experience with USB/CD-R restrictions, outbound monitoring, and policy enforcement.

SIEM/SOAR Integration:

• Telemetry Correlation: Skills in integrating DLP with SIEM/SOAR platforms for automated threat response.
• Detection Engineering: Experience developing and tuning security alerts and automation routines.

Systems & Network Administration:

• Server & Data Center Operations: Knowledge of system performance, capacity planning, and preventative maintenance.
• Access Controls: Ability to manage accounts, network rights, and system access.

Soft Skills:

• Intermediate - Seeks to acquire knowledge in area of specialty
• Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Intermediate - Ability to work independently
• Intermediate - Demonstrated analytical skills
• Intermediate - Demonstrated project management skills
• Intermediate - Demonstrates a high level of accuracy, even under pressure
• Intermediate - Demonstrates excellent judgment and decision making skills
• Intermediate - Ability to communicate and make recommendations to upper management
• Intermediate - Ability to drive multiple projects to successful completion
• Intermediate - Possesses technical aptitude

License/Certification:

• CISSP Certified Information Systems Security Professional preferred
• Proofpoint Email Fraud Defense preferred
• Security+, Cloud+, CEH, CHFI, and Microsoft/AWS certifications are highly valued but not required

Pay Range: $100,900.00 - $186,800.00 per year

Centene offers a comprehensive benefits package including: competitive pay, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules. Actual pay will be adjusted based on an individual's skills, experience, education, and other job-related factors permitted by law, including full-time or part-time status. Total compensation may also include additional forms of incentives. Benefits may be subject to program eligibility.

Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristic protected by applicable law.

Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act