148 Information Security Manager jobs in Washington

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
This job provides Information Security and Risk Management services for the Organization. Works with peers within security, HM Health Solutions customers and application teams to ensure alignment with current and future security needs. Manages activities of various Information Security personnel. Makes decisions on personnel actions (promotions, hiring, terminations, etc.). Develops talent, addresses resource management, cultivates capabilities of staff, planning and coordination of work, and managing performance. Conducts the oversight of security technology products for network, systems, and data. Controls expenses within the operating unit and is responsible for meeting budget goals. Actively contributes to the Information Security ans Risk Management (ISRM) strategic planning process by working with the Directors to develop and implement department strategic plans and action steps that support the corporate strategic objectives. Actively involved in the coordination, implementation, problem solving, communication, and training of new technologies and processes, as they are developed and moved into the environment. Develops and presents Information Security awareness and training programs.
**ESSENTIAL RESPONSIBILITIES**
+ Perform management responsibilities including, but not limited to: involved in hiring and termination decisions; coaching and development; rewards and recognition; performance management and staff productivity.
+ Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority.
+ Provide oversight of all aspects of project management to ensure continuous improvement of processes: negotiate and collaborate with leadership and staff to develop security solutions and options; develop and adhere to internal standards and strategies; ensure adherence to approved methodologies; coordinate resources, time, contingency plans and risk management.
+ Provide leadership to the department: lead and champion organizational change; encourage participation in activities that support relationship development; champion information security innovation; encourage and enforce proper training in regards to security issues.
+ Ensure compliance to Corporate and Information Security policies, standards and procedures.
+ Communicate effectively with all levels of the organization: facilitate meetings; plan, design and provide presentations; represent HM Health Solutions with outside entities; prepare divisional procedures, policies, reports and correspondence; spread awareness of new and existing security threats; provide oversight regarding metrics, funding, budgets and resources.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field
**Substitutions**
+ 6 years of relevant experience substitution for a Bachelor's Degree
**Preferred**
+ Master's Degree in Computer Science, Information Security or related field
**EXPERIENCE**
**Required**
+ 7 - 10 years in Information Security and/or Information Risk Management and/or Information Technology
+ 7 - 10 years in developing, communicating and presenting Information Security and Risk Management concepts to varying audiences
+ 1 - 3 years in mentoring others in a leadership role
+ 1 - 3 years in Staff Management
+ 1 - 3 years in developing and executing strategic plans to realize business objectives
**Preferred**
+ 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology
+ Experience managing an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework
+ Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits
+ Experience establishing budgets and meeting fiduciary goals
+ Security industry organization participation/leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.)
**LICENSES AND CERTIFICATIONS**
**Required**
+ None
**Preferred**
+ Certified Information Systems Security Professional (CISSP) **OR**
+ Certified Information Security Manager (CISM) **OR**
+ Certified in Risk and Information Systems Controls (CRISC) **OR**
+ Information Technology Infrastructure Library (ITIL)
**SKILLS**
+ Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPPA), Payment Card Industry Data Security Standards (PCI DSS), and FIPS-140
+ Strong teamwork and interpersonal skills
+ Experience in leading process improvement initiatives
+ Ability to motivate high performance, multi-discipline teams
+ Demonstrated competency in project execution
+ Demonstrated abilities in relationship management
**Languages (Other than English)**
None
**Travel Requirement**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office-Based
Teaches/Trains others regularly
Frequently
Travels regularly from the office to various work sites or from site-to-site
Occasionally
Works primarily out-of-the office selling products/services (Sales employees)
Does Not Apply
Physical Work Site Required
Yes
Lifting: up to 10 pounds
Does Not Apply
Lifting: 10 to 25 pounds
Does Not Apply
Lifting: 25 to 50 pounds
Does Not Apply
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
**Pay Range Minimum:**
$108,000.00
**Pay Range Maximum:**
$201,800.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J

**What Information Security and Risk contributes to Cardinal Health**
Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.
Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
We currently have a full-time job opening for an Experienced Engineer on the Data Protection team. This position can be either at our Dublin center or remote.
**Job Overview:**
The _Experienced Data Protection Engineer_ will assist the manager of the data protection team at Cardinal Health. This engineer will also work with the tech lead to architect, design, and support technology solutions for protecting data in motion and especially for data at rest. This may include the need to use Data Loss Prevention (DLP) tools, our Cloud Access Security Broker (CASB), email security tools or others. This engineer will also play a role in supporting key leadership requests as the data protection program is developed and continually aligned with the changing technological landscape as well as industry evolutions and trends.
Responsibilities include the following:
+ Assist in the design and support of data protection technology advancements/developments.
+ Assist fellow engineers in supporting GCP Big Query initiatives inclusive of scan configurations and reporting in GCP.
+ Manage policies and configuration of data protection technology rule sets per program requirements and leadership requests.
+ Help drive CASB integrations and the overall advancement of company data at rest initiatives in relevant environments and applications.
+ Partner with the manager and technical lead to provide security expertise to corporate, market segments and IT teams
+ Provide consultation and implement appropriate DLP security and monitoring controls in support of relevant M&A activities and Zero Trust discussions.
+ Take a central role in defining and then implementing requested security controls to enable delivery of the Data protection road map initiatives.
+ Support the technical lead and manager in collaboration across Information Security, Data governance and business units to aid in the development, growth, and evolution of our security culture.
+ Participate in relevant/daily DLP event remediation activities and help drive automated tasks of relevant DLP detections in collaboration with analysts.
+ Participate in corporate policy updates and developments.
+ Take an active role in supporting relevant POC efforts for new technologies.
**Desired Qualifications**
+ Prior experience with industry tools, especially CASB and email encryption technologies.
+ Prior experience leveraging/configuring XSOAR solutions towards event and incident remediation in DLP.
+ Prior exposure and usage of GCP-native security controls.
+ Proficient with query development and understanding of SIEM solutions.
+ Solid understanding of Zero Trust principles and best practices relating to the data pillar.
+ Demonstrated Information Security understanding and specifically industry best practices for the development of data protection processes.
+ One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA, SSCP or similar
+ Bachelor's Degree in related field or equivalent work experience
+ At least 6-8 years of experience working with data protection technologies preferred.
**What is expected of you and others at this level?**
+ Provides general guidance on new technical requests and tasks
+ Recommends new practices, processes, metrics, or models
+ Acts as a mentor to less experienced colleagues
+ Strong understanding of data protection technologies for both in motion and at rest detection.
+ Ability to work interdependently and provide consultative recommendations on best practices.
+ Ability to align program developments with organizational priorities through an understanding of processes and technologies.
**Anticipated salary range:** $93,500 - $140,280
**Bonus eligible:** No
**Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being.
+ Medical, dental and vision coverage
+ Paid time off plan
+ Health savings account (HSA)
+ 401k savings plan
+ Access to wages before pay day with myFlexPay
+ Flexible spending accounts (FSAs)
+ Short- and long-term disability coverage
+ Work-Life resources
+ Paid parental leave
+ Healthy lifestyle programs
**Application window anticipated to close:** 10/15/2025 *if interested in opportunity, please submit application as soon as possible.
The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity.
_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._
_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._
_To read and review this privacy notice click_ here (

At Avanade, cybersecurity consultants are innovators, risk-takers, and challengers of the status quo. If you're an experienced Data Protection Consultant, who can help our clients solve complex Data Protection business challenges, this might be the perfect opportunity for you.
Come join us
In a client-facing consulting role, you will work on exciting projects that transform our client's Data Protection solutions through the design and implementation of predominantly Microsoft Data Protection technologies, with a focus on the Microsoft 365 security capabilities. As a member of our security practice, you will work for both Avanade and Accenture clients, ranging from medium to large global enterprise clients.
Join a curious and diverse team that's passionate about next-gen tech and establish yourself as a Leader in the Security space. Together, let's transform cybersecurity.
What you'll do
As a member of Avanade's security practice, you will be in a unique position to work for both Avanade and Accenture clients, ranging in size from medium to large global enterprise clients. You will have the opportunity to contribute to the entire Avanade organization by being a collaborative and knowledge-sharing individual, with the real opportunity to help shape the global Avanade security offerings as well as demonstrating your thought-leadership by producing blogs and articles for your region and for Avanade.com. We actively encourage and provide opportunity to undertake innovation, training, and
development to ensure you are always at the cutting-edge Microsoft Security technology and our vendor solutions.
This is a fantastic opportunity to establish yourself as a leader in the Data Protection space. You will learn how to deliver and solution large and global Data Protections solutions, as well as gain the knowledge and experience of Microsoft's broader Security, Compliance, and Identity (SCI) ecosystem, which is already recognized as a world-leading integrated security platform.
You will:
- Work with Avanade customers to design and implement Zero Trust architectures using Microsoft
security solutions, focusing on data protection.
- Lead the deployment and configuration of:
o Microsoft Purview for data governance, compliance, information protection, Insider Risk and Data Loss Prevention
o Microsoft Defender for Endpoint, Identity, and Cloud Apps
o Microsoft Defender for Cloud for cloud security posture management
- Develop and maintain data classification, labeling, and retention policies.
- Develop and implement DSPM strategies for AI systems, ensuring secure data flows, model
integrity, and privacy compliance.
- Conduct data protection risk assessments and recommend mitigation strategies.
- Support security workshops, discovery sessions, and technical governance activities
- Provide guidance on compliance frameworks, data lifecycle management, and privacy controls
- Provide technical guidance and training to internal teams on Microsoft security tools.
- Stay current with emerging threats, vulnerabilities, and Microsoft product updates.
- Work independently, with occasional validation of work efforts against strategic and operational
objectives
Required Skills & Experience:
- Proven experience with Microsoft Security technologies including Microsoft Purview, Defender, Sentinel, and Entra ID.
- Hands-on experience with DLP policy design, migration and refinement
- Strong understanding of data protection regulations (e.g. GDPR, DPA 2018, ISO 27001, NIST, EU AI Act).
- Familiarity with AI security concepts, including DSPM, model governance, and data lineage.
- Understanding of Zero Trust architecture and cloud-native security controls.
- Excellent communication and stakeholder engagement skills.
- Relevant certifications (e.g., SC-400, SC-200, AZ-500, CISSP, CIPP/E, AI-specific certs) are highly desirable.
Ideally, you would have had experience working on the Microsoft platform, however we can provide focused training to the right candidates who can demonstrate their passion, experience and thought leadership in this space. To hit the ground running, your skills may include:
- Proven experience of Microsoft Information Protection and with data classification infrastructures and techniques to classifying unstructured and structured data both on-premises and in the cloud.
- Proven experience of Data Loss Prevention technologies across endpoints, email and the internet, including Microsoft Purview.
- Proven experience securing Microsoft 365, leveraging Microsoft Secure Score with a deep understanding of the security capabilities of Microsoft 365.
- Proven experience in techniques and approaches towards the protection of data stored in databases and applications.
- Deep expertise in data confidentiality and data integrity principles.
- Deep expertise of business, privacy, security, and compliance challenges surrounding Data
Protection, including being able to research and understand data privacy requirements.
- A keen interest in Cyber Security, maintaining a good understanding of capabilities across the industry, and in developing their own Cyber experience to continue progression.
- With an eye to the future, you are aware of emerging technologies in the Data Protection space.
About you
Characteristics that can spell success for this role:
- Experience in consulting and advisory discussions with clients and other consulting firms
- Experience in owning the design and implementation of technology solutions.
- You are a Subject matter expert, who has experience working on the Microsoft platform
- Experience managing deliverables and being responsible for delivering against critical milestones.
- Ability to collaborate within a large global organization
- You have implemented work plans for assigned projects, programs and clients against
established operational objectives
- You are seen as a role model and act as a leader
- You may possess one or more certifications
Enjoy your career
Some of the best things about working at Avanade
- Opportunity to work for Microsoft's Global Alliance Partner of the Year (19 years in a row), with exceptional development and training (minimum 80 hours per year for training and paid
certifications)
- Real-time access to technical and skilled resources globally
- Dedicated career advisor to encourage your growth
- Engaged and helpful coworkers genuinely interested in you
Find out more about some of our benefits (1) here.
A great place to work
As you bring your skills and abilities to Avanade, you'll get distinctive experiences, limitless learning, and ambitious growth in return. As we continue to build our diverse and inclusive culture, we become even more innovative and creative, helping us better serve our clients and our communities. You'll join a
community of smart, supportive collaborators to lift, mentor, and guide you, but to also lean on your expertise. You get a company purpose-built for business-critical, leading-edge technology solutions, committed to improving the way humans work, interact, and live. It's all here, so take a closer look!
We work hard to provide an inclusive, diverse culture with a deep sense of belonging for all our employees. Visit our (2) Inclusion & Diversity page.
Create a future for our people that focuses on
- Expanding your thinking - Experimenting courageously - Learning and pivoting
Inspire greatness in our people by
- Empowering every voice - Encouraging boldness - Celebrating progress
Accelerate the impact of our people by
- Amazing the client - Prioritizing what matters - Acting as one
Learn more
To learn more about the types of projects our Security team works on check out these case studies:
- (3) Adopt Zero Trust security model for an agile security posture
- (4) KEHA Centre ensures data security and mitigates customer risk
Interested in knowing what's going on inside Avanade? Check out our blogs:
- (5) Avanade Insights - exchange ideas that drive tomorrow's innovation
- (6) Inside Avanade - explore what life is like working at Avanade
References
Visible links
1. work hard to provide an inclusive, diverse culture with a deep sense of belonging for all our employees. Avanade believes that all persons are entitled to equal employment opportunities, and we do not discriminate against our employees, applicants, or job seekers because of their race, color, gender, religion, national origin, disability, veteran status, age, marital status, sexual orientation, genetic information, gender identity, or any other protect group status as defined by law.

Grant Thornton's Privacy and Data Protection team helps our clients transform and mature their privacy program through assessment, automation, process re-engineering, and managed services. As a Manager within our Privacy & Data Protection practice, you will get the opportunity to grow and contribute to our clients' business needs across a variety of domains including privacy strategy, governance, automation, risk, and compliance management - all with the resources, environment, and support to help you excel.
From day one, you'll be empowered by the greater Risk team and Cyber team to help clients make the moves that will help them achieve their vision and help you achieve more, confidently.
Your day-to-day may include:
+ Adhere to the highest degree of professional standards and strict client confidentiality
+ Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment
+ Apply current knowledge of privacy and data protection trends to issues and other opportunities for improvement
+ Lead the execution of assigned client engagements from start to finish, which includes the engagement planning, directing, and completion of assessments, privacy program implementations, privacy technology implementations, and managed services engagements on time and on-budget
+ Work with the client to plan an engagement strategy, define objectives, and address privacy-related controls risks, and issues
+ Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements
+ Work closely with senior managers and partners to promptly identify and resolve client problems or issues
+ Collaborate with team members at all levels in the development and marketing of the privacy and data protection solution offering
+ Support business development activities including client prospecting, proposal development, professional networking, thought leadership, external webcasts, and other brand-building activities
+ Other duties as assigned
You have the following technical skills and qualifications:
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Juris Doctorate, or a related field is required, Masters preferred
+ Minimum 5 years of related work experience in a similar consulting practice or function servicing cross-industry clients at a national level
+ One or more of the following certifications required: CIPP, CIPM, CIPT, CISSP, or other related certifications
+ Deep understanding of global privacy and data protection regulations and frameworks, such as the GDPR, CCPA, CPRA, HIPAA, GLBA, NIST, ISO, and more
+ Experience working with leading privacy regulations to perform privacy assessments and support privacy program implementations
+ Experience implementing and sustaining tools such as OneTrust, Securiti.ai, WireWheel, and BigID across use cases such as data mapping, data discovery, privacy impact assessments, consent/preference management, cookie compliance, data subject rights, and more
+ Experience preparing reports and other deliverables that contain strategy, project, or technical analysis and findings in connection with consulting engagements and communicating those results to the team and client
+ Experience in project management and the ability to clearly communicate data protection and privacy issues verbally on both a formal and informal basis to all levels of client staff
+ Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships
+ Can travel as needed
The base salary range for this position in Chicago, IL only is between $144,000 and $16,000.
The base salary range for this position in the firm's New York, Los Angeles, CA, and Bellevue, WA offices is between 155,500 and 233,300.
The base salary range for this position in the firm's San Francisco, CA, and San Jose, CA offices is between 165,600 and 248,400.
#LI-LG1
About Us
At Grant Thornton, we believe in making business more personal and building trust into every result - for our clients and you. Here, we go beyond your expectations of a career in professional services by offering a career path with more: more opportunity, more flexibility, and more support. It's what makes us different, and we think being different makes us better.
In the U.S., Grant Thornton delivers professional services through two specialized entities: Grant Thornton LLP, a licensed, certified public accounting (CPA) firm that provides audit and assurance services ― and Grant Thornton Advisors LLC (not a licensed CPA firm), which exclusively provides non-attest offerings, including tax and advisory services.
In 2025, Grant Thornton formed a multinational, multidisciplinary platform with Grant Thornton Ireland. The platform offers a premier Trans-Atlantic advisory and tax practice, as well as independent American and Irish audit practices. With $2 7 billion in revenues and more than 50 offices spanning the U.S., Ireland and other territories, the platform delivers a singular client experience that includes enhanced solutions and capabilities, backed by powerful technologies and a roster of 12,000 quality-driven professionals enjoying exceptional career-growth opportunities and a distinctive cross-border culture.
Grant Thornton is part of the Grant Thornton International Limited network, which provides access to its member firms in more than 150 global markets.
About the Team
The team you're about to join is ready to help you thrive. Here's how:
- Whether it's your work location, weekly schedule or unlimited flex time off, we empower you with the options to work in the way that best serves your clients and your life.
- Here, you are supported to prioritize your overall well-being through work-life integration options that work best for you and those in your household.
- We understand that your needs, responsibilities and experiences are different - and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. See how at When it comes to inclusion, we are committed to doing more than checking boxes. Explore all the ways we're taking action for diversity, equity & inclusion at what you can expect next:
If you apply and are selected to interview, a Grant Thornton team member will reach out to you to schedule a time to connect. We encourage you to also check out other roles that may be a good fit for you or get to know us a little bit better at understand that your needs, responsibilities and experiences are different, and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. For an overview of our benefit offerings, please visit: Benefits for internship positions: Grant Thornton interns are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Interns also receive a minimum of 72 hours of paid sick leave, and are paid for firm holidays that fall within their internship period.
+ Benefits for seasonal employee positions: Grant Thornton seasonal employees are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Seasonal employees may also be eligible to participate in the firm's 401(k) savings plan and employee retirement plan in accordance with applicable plan terms and eligibility requirements. Seasonal employees receive a minimum of 72 hours of paid sick leave.
Grant Thornton employees may be eligible for a discretionary, annual bonus based on individual and firm performance, subject to the terms, conditions and eligibility criteria of the applicable bonus plan or program. Interns and seasonal employees are not eligible for bonus compensation.
Additional Details:
It is the policy of Grant Thornton to promote equal employment opportunities. All personnel decisions (including, but not limited to, recruiting, hiring, training, working conditions, promotion, transfer, compensation, benefits, evaluations, and termination) are made without regard to race, color, religion, national origin, sex, age, marital or civil union status, pregnancy or pregnancy-related condition, sexual orientation, gender identity or expression, citizenship status, veteran status, disability, handicap, genetic predisposition or any other characteristic protected by applicable federal, state, or local law.
Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of Grant Thornton LLP to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. To make an accommodation request, please contact
For Los Angeles Applicants only: We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.
For Massachusetts Applicants only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Grant Thornton does not require or administer lie detector tests as a condition of employment or continued employment.

**Become a part of our caring community and help us put health first**
The Senior Data Protection Security Investigations Analyst conducts level two triage of insider threat events including analysis of log files, evidence collection, and other information to identify and mitigate or escalate any data exposure or insider risks. The Senior Data Protection Security Investigations Analyst work assignments involve moderately complex to complex issues where the analysis of situations or data requires an in-depth evaluation of variable factors.
The Senior Data Protection Security Investigations Analyst works with EIP stakeholders and Humana's teams to identify high risk insider activity and ensure appropriate controls are in place to mitigate potential data loss or malicious activity. Begins to influence department's strategy. Make decisions on moderately complex to complex issues regarding technical approach for project components, and work is performed without direction. Exercises considerable latitude in determining objectives and approaches to assignments
This position will help deliver DLP modernization objectives including the expansion of web DLP policies, and migration of Email and CASB DLP to reduce $1.4M in annual spend. From a security perspective, here are some of the benefits we expect to realize by filling this position:
**Email DLP Responsibilities:**
+ Oversee the operational management of selected Data Loss Prevention (DLP) tools for email communications, ensuring consistent enforcement of Humana's data protection standards.
+ Triage and investigate DLP alerts related to email, focusing on potential data leakage, unauthorized sharing of confidential information, or violations of Humana's Information Protection Acceptable Use Policy.
+ Coordinate incident response efforts with relevant teams, utilizing established escalation and reporting protocols to ensure prompt remediation and compliance.
**Web Security Responsibilities:**
+ Monitor, investigate, and respond to suspected policy violations involving web access and usage on Humana systems, including unauthorized attempts to access confidential, Controlled Unclassified Information (CUI), restricted or proprietary data.
+ Analyze web traffic and activity for signs of data exfiltration, malware, or unauthorized use in accordance with Humana's Information Protection Acceptable Use Policy (AUP).
+ Collaborate with Enterprise Information Protection (EIP) and Threat Management & Response (TMR) teams to escalate and resolve web-related incidents, utilizing established reporting channels such as the Security Incident email ( ) and the IT Service Desk.
**CASB (Cloud Access Security Broker) Responsibilities:**
+ Utilize CASB solutions to monitor and manage cloud-based application usage, ensuring compliance with Humana's security and privacy policies.
+ Identify and investigate incidents of unauthorized cloud service access, data sharing, or suspicious activities involving Humana's cloud environments.
+ Support remediation efforts for cloud-related security incidents, working closely with Privacy Office, EIP Threat Response Operations, and other members of the Enterprise Investigations Consortium (EIC).
+ Advise on policy enforcement and configuration best practices for CASB tools to mitigate risks associated with cloud applications.
**Use your skills to make an impact**
**Required Qualifications**
+ Bachelor's degree or equivalent and 5+ years of technical experience.
+ 3 years' experience in Cyber Data Protection
+ Must be passionate about contributing to an organization focused on continuously improving consumer experiences
**Preferred Qualifications**
+ Master's Degree in a Technical Field
+ Security Certifications
Remote/WAH requirements:
+ WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense.
+ A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required.
+ Satellite and Wireless Internet service is NOT allowed for this role.
+ A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information
Travel: While this is a remote position, occasional travel to Humana's offices for training or meetings may be required.
**Scheduled Weekly Hours**
40
**Pay Range**
The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc.
$06,900 - 147,000 per year
This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance.
**Description of Benefits**
Humana, Inc. and its affiliated subsidiaries (collectively, "Humana") offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.
Application Deadline:
**About us**
Humana Inc. (NYSE: HUM) is committed to putting health first - for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health - delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large.

**Equal Opportunity Employer**
It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status. It is also the policy of Humana to take affirmative action, in compliance with Section 503 of the Rehabilitation Act and VEVRAA, to employ and to advance in employment individuals with disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.
Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our

**Summary:**
Meta is looking for a privacy professional to join its Data Protection Office as an Associate DPO, focused on Product Advisory work. We are looking for someone who thrives in a ever-changing and sometimes ambiguous environment, is skilled at navigating complex cross-functional initiatives and is excited to engage internally and externally to support privacy at Meta. You are an ambitious self-starter who can solve hard problems and recognize different perspectives.The Global Data Protection Office is accountable for advising on and monitoring compliance with the applicable global data protection laws. In this role, you will work directly with cross-functional teams, such as product and legal teams to advise on the most complicated and strategic of Meta's privacy topics. You have experience interacting with both technical and legal teams, and bring solid real-world knowledge of privacy regulations and relevant technologies to the job.This is a highly collaborative role. Success will require solid cross-functional collaboration, proven project/program management skills, and organizational skills with a keen attention to detail. Embracing ambiguity while bringing clarity and standardization to processes and functions is critical to success. You should be a team player who is okay innovating beyond our existing ways of working and bringing a fresh perspective to our approach.
**Required Skills:**
Associate Data Protection Officer, Product Advisory Responsibilities:
1. Own product coverage area and work with relevant cross-functional teams to assess and mitigate privacy risks on company-level, high complexity strategic initiatives ahead of launch
2. Review and advise on privacy accountability documentation concerning products (e.g., DPIAs)
3. Produce high quality detailed advice to product teams based on assessing regulator scrutiny and user impact risks
4. Inform and drive escalations to the Global DPO about key product risks, advice and mitigations
5. Provide oversight on post-launch reporting and monitoring
**Minimum Qualifications:**
Minimum Qualifications:
6. 8+ years of work experience in compliance, program/project management, operations and/or strategy
7. Experience working within a product environment and partnering with cross-functional stakeholders, including legal, policy and product functions
8. Experience advising on compliance with data protection laws and privacy requirements
9. Robust communicator with a track record of aligning cross-functional teams around a common goal
10. Experience in project management, problem solving, time-management and organizational skills, and the capacity to set strategic priorities combined with a demonstrated aptitude of delivering operational results
11. Demonstrated experience thriving in ambiguity in an ever-evolving regulatory environment while building new processes, maturing existing processes and driving standardization across teams and functions
**Preferred Qualifications:**
Preferred Qualifications:
12. Experience working for a leading global tech company, in a privacy compliance capacity
**Public Compensation:**
$143,000/year to $200,000/year + bonus + equity + benefits
**Industry:** Internet
**Equal Opportunity:**
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment.
Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at

As a Cyber Privacy & Data Protection Senior Associate, you will get the opportunity to grow and contribute to our clients' business needs by applying a collection of information and cybersecurity capabilities, including security and privacy, strategy, governance, IT risk, security testing, technology implementation/operations, cybercrime and breach response for the Cybersecurity & Privacy Practice - all with the resources, environment, and support to help you excel.
From day one, you'll be empowered by the greater Risk team to help clients make the moves that will help them achieve their vision and help you achieve more, confidently.
Your day-to-day may include:
+ Adhere to the highest degree of professional standards and strict client confidentiality
+ Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment
+ Ability to communicate in an organized and knowledgeable manner in written and verbal means - including delivering clear requests for information, developing responses to client requests, and communicating conflicts and risks
+ Deep understanding of global privacy and data protection regulations, such as EU's GDPR, and US laws such as CCPA, CPRA, CDPA, CPA, HIPAA, GLBA
+ Apply current knowledge of privacy and data protection trends, issues, and other opportunities for improvement
+ Assist clients in planning and executing remediation plans identified in assessment activities
+ Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements
+ Collaborate with team members at all levels in the development and marketing of the privacy service offering
+ Develop high-quality deliverables through collaboration with clients and team members to address needs and demonstrate an understanding of clients' business
+ Other duties as assigned
You have the following technical skills and qualifications:
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field is required, Masters preferred
+ Minimum 2 years of related work experience in a similar consulting practice or function servicing cross-industry clients at a national level
+ Obtained or active pursuit of one or more of the following certifications: CIPP, CIPT, CISSP, or other related certifications
+ Experience working with leading privacy regulations to perform privacy assessments and support privacy program implementations
+ Experience preparing reports and other deliverables that contain strategy, project, or technical analysis and findings in connection with consulting engagements and communicating those results to the team and client
+ Knowledge of privacy technology solutions and experience implementing and sustaining tools such as OneTrust, WireWheel, Securiti.ai, BigID is a plus
+ Experience in project management and the ability to clearly communicate privacy and data protection issues verbally on both a formal and informal basis to all levels of client staff
+ Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships
+ Demonstrates creative thinking and problem-solving skills, and advanced knowledge of MS Office Word, Excel, Visio, and PowerPoint
+ Can travel as needed.
The base salary range for this position in Bellevue, WA & New York City, NY, only is between $112,300 and $68,500.
The base salary range for this position in San Francisco, CA, only is between 119,600 and 179,400.
#LI-LG1
About Us
At Grant Thornton, we believe in making business more personal and building trust into every result - for our clients and you. Here, we go beyond your expectations of a career in professional services by offering a career path with more: more opportunity, more flexibility, and more support. It's what makes us different, and we think being different makes us better.
In the U.S., Grant Thornton delivers professional services through two specialized entities: Grant Thornton LLP, a licensed, certified public accounting (CPA) firm that provides audit and assurance services ― and Grant Thornton Advisors LLC (not a licensed CPA firm), which exclusively provides non-attest offerings, including tax and advisory services.
In 2025, Grant Thornton formed a multinational, multidisciplinary platform with Grant Thornton Ireland. The platform offers a premier Trans-Atlantic advisory and tax practice, as well as independent American and Irish audit practices. With $2 7 billion in revenues and more than 50 offices spanning the U.S., Ireland and other territories, the platform delivers a singular client experience that includes enhanced solutions and capabilities, backed by powerful technologies and a roster of 12,000 quality-driven professionals enjoying exceptional career-growth opportunities and a distinctive cross-border culture.
Grant Thornton is part of the Grant Thornton International Limited network, which provides access to its member firms in more than 150 global markets.
About the Team
The team you're about to join is ready to help you thrive. Here's how:
- Whether it's your work location, weekly schedule or unlimited flex time off, we empower you with the options to work in the way that best serves your clients and your life.
- Here, you are supported to prioritize your overall well-being through work-life integration options that work best for you and those in your household.
- We understand that your needs, responsibilities and experiences are different - and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. See how at When it comes to inclusion, we are committed to doing more than checking boxes. Explore all the ways we're taking action for diversity, equity & inclusion at what you can expect next:
If you apply and are selected to interview, a Grant Thornton team member will reach out to you to schedule a time to connect. We encourage you to also check out other roles that may be a good fit for you or get to know us a little bit better at understand that your needs, responsibilities and experiences are different, and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. For an overview of our benefit offerings, please visit: Benefits for internship positions: Grant Thornton interns are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Interns also receive a minimum of 72 hours of paid sick leave, and are paid for firm holidays that fall within their internship period.
+ Benefits for seasonal employee positions: Grant Thornton seasonal employees are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Seasonal employees may also be eligible to participate in the firm's 401(k) savings plan and employee retirement plan in accordance with applicable plan terms and eligibility requirements. Seasonal employees receive a minimum of 72 hours of paid sick leave.
Grant Thornton employees may be eligible for a discretionary, annual bonus based on individual and firm performance, subject to the terms, conditions and eligibility criteria of the applicable bonus plan or program. Interns and seasonal employees are not eligible for bonus compensation.
Additional Details:
It is the policy of Grant Thornton to promote equal employment opportunities. All personnel decisions (including, but not limited to, recruiting, hiring, training, working conditions, promotion, transfer, compensation, benefits, evaluations, and termination) are made without regard to race, color, religion, national origin, sex, age, marital or civil union status, pregnancy or pregnancy-related condition, sexual orientation, gender identity or expression, citizenship status, veteran status, disability, handicap, genetic predisposition or any other characteristic protected by applicable federal, state, or local law.
Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of Grant Thornton LLP to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. To make an accommodation request, please contact
For Los Angeles Applicants only: We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.
For Massachusetts Applicants only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Grant Thornton does not require or administer lie detector tests as a condition of employment or continued employment.

As a Cyber Privacy & Data Protection Senior Associate, you will get the opportunity to grow and contribute to our clients' business needs by applying a collection of information and cybersecurity capabilities, including security and privacy, strategy, governance, IT risk, security testing, technology implementation/operations, cybercrime and breach response for the Cybersecurity & Privacy Practice - all with the resources, environment, and support to help you excel.
From day one, you'll be empowered by the greater Risk team to help clients make the moves that will help them achieve their vision and help you achieve more, confidently.
Your day-to-day may include:
+ Adhere to the highest degree of professional standards and strict client confidentiality
+ Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment
+ Ability to communicate in an organized and knowledgeable manner in written and verbal means - including delivering clear requests for information, developing responses to client requests, and communicating conflicts and risks
+ Deep understanding of global privacy and data protection regulations, such as EU's GDPR, and US laws such as CCPA, CPRA, CDPA, CPA, HIPAA, GLBA
+ Apply current knowledge of privacy and data protection trends, issues, and other opportunities for improvement
+ Assist clients in planning and executing remediation plans identified in assessment activities
+ Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements
+ Collaborate with team members at all levels in the development and marketing of the privacy service offering
+ Develop high-quality deliverables through collaboration with clients and team members to address needs and demonstrate an understanding of clients' business
+ Other duties as assigned
You have the following technical skills and qualifications:
+ Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field is required, Masters preferred
+ Minimum 2 years of related work experience in a similar consulting practice or function servicing cross-industry clients at a national level
+ Obtained or active pursuit of one or more of the following certifications: CIPP, CIPT, CISSP, or other related certifications
+ Experience working with leading privacy regulations to perform privacy assessments and support privacy program implementations
+ Experience preparing reports and other deliverables that contain strategy, project, or technical analysis and findings in connection with consulting engagements and communicating those results to the team and client
+ Knowledge of privacy technology solutions and experience implementing and sustaining tools such as OneTrust, WireWheel, Securiti.ai, BigID is a plus
+ Experience in project management and the ability to clearly communicate privacy and data protection issues verbally on both a formal and informal basis to all levels of client staff
+ Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships
+ Demonstrates creative thinking and problem-solving skills, and advanced knowledge of MS Office Word, Excel, Visio, and PowerPoint
+ Can travel as needed.
The base salary range for this position in Bellevue, WA & New York City, NY, only is between $112,300 and $68,500.
The base salary range for this position in San Francisco, CA, only is between 119,600 and 179,400.
#LI-LG1
About Us
At Grant Thornton, we believe in making business more personal and building trust into every result - for our clients and you. Here, we go beyond your expectations of a career in professional services by offering a career path with more: more opportunity, more flexibility, and more support. It's what makes us different, and we think being different makes us better.
In the U.S., Grant Thornton delivers professional services through two specialized entities: Grant Thornton LLP, a licensed, certified public accounting (CPA) firm that provides audit and assurance services ― and Grant Thornton Advisors LLC (not a licensed CPA firm), which exclusively provides non-attest offerings, including tax and advisory services.
In 2025, Grant Thornton formed a multinational, multidisciplinary platform with Grant Thornton Ireland. The platform offers a premier Trans-Atlantic advisory and tax practice, as well as independent American and Irish audit practices. With $2 7 billion in revenues and more than 50 offices spanning the U.S., Ireland and other territories, the platform delivers a singular client experience that includes enhanced solutions and capabilities, backed by powerful technologies and a roster of 12,000 quality-driven professionals enjoying exceptional career-growth opportunities and a distinctive cross-border culture.
Grant Thornton is part of the Grant Thornton International Limited network, which provides access to its member firms in more than 150 global markets.
About the Team
The team you're about to join is ready to help you thrive. Here's how:
- Whether it's your work location, weekly schedule or unlimited flex time off, we empower you with the options to work in the way that best serves your clients and your life.
- Here, you are supported to prioritize your overall well-being through work-life integration options that work best for you and those in your household.
- We understand that your needs, responsibilities and experiences are different - and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. See how at When it comes to inclusion, we are committed to doing more than checking boxes. Explore all the ways we're taking action for diversity, equity & inclusion at what you can expect next:
If you apply and are selected to interview, a Grant Thornton team member will reach out to you to schedule a time to connect. We encourage you to also check out other roles that may be a good fit for you or get to know us a little bit better at understand that your needs, responsibilities and experiences are different, and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. For an overview of our benefit offerings, please visit: Benefits for internship positions: Grant Thornton interns are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Interns also receive a minimum of 72 hours of paid sick leave, and are paid for firm holidays that fall within their internship period.
+ Benefits for seasonal employee positions: Grant Thornton seasonal employees are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Seasonal employees may also be eligible to participate in the firm's 401(k) savings plan and employee retirement plan in accordance with applicable plan terms and eligibility requirements. Seasonal employees receive a minimum of 72 hours of paid sick leave.
Grant Thornton employees may be eligible for a discretionary, annual bonus based on individual and firm performance, subject to the terms, conditions and eligibility criteria of the applicable bonus plan or program. Interns and seasonal employees are not eligible for bonus compensation.
Additional Details:
It is the policy of Grant Thornton to promote equal employment opportunities. All personnel decisions (including, but not limited to, recruiting, hiring, training, working conditions, promotion, transfer, compensation, benefits, evaluations, and termination) are made without regard to race, color, religion, national origin, sex, age, marital or civil union status, pregnancy or pregnancy-related condition, sexual orientation, gender identity or expression, citizenship status, veteran status, disability, handicap, genetic predisposition or any other characteristic protected by applicable federal, state, or local law.
Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of Grant Thornton LLP to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. To make an accommodation request, please contact
For Los Angeles Applicants only: We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.
For Massachusetts Applicants only: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Grant Thornton does not require or administer lie detector tests as a condition of employment or continued employment.

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
The Data Protection and Security - Principal Architect is a leadership role responsible for defining, implementing, and maintaining enterprise-wide data security and protection strategies. The incumbent will work with other stakeholders to embed sound security practices, principals, and controls in their strategies, programs, and operations. This includes, but is not limited to, specific focus on addressing the unique data and asset protection challenges and opportunities presented by Artificial Intelligence (AI) and Machine Learning (ML) technologies. This role will ensure the confidentiality, integrity, and availability of digital assets across all services, functions, projects, and deliverables, with a strong emphasis on data access control, preventing data leakage and ensuring responsible data handling practices. The Data Protection and Security - Principal Architect is responsible for the evaluation of technologies, use cases, and tools to enhance and to mature data security and protection capabilities and supporting services. Mentors other information security and data professionals and provides guidance on data security and protection leading practices.
**ESSENTIAL RESPONSIBILITIES**
+ Develop systems and component architectures and APIs that meet the test of time. Articulate and evangelize architectural principles reciprocally with engineering, architecture and product teams that ensure system components fit securely, are sustainable, and align with company's business direction. Analyze and recommend novel technologies, architectural solutions (and associated business cases) to the various technology executives across the company which simultaneously optimize value, risk, spend & design footprints.
+ Influence enterprise solutions architects and engineers to define, develop, maintain, and communicate the technology and platform strategy, guidelines, and re-usable design patterns to all levels including the Highmark Health executive team.
+ Work with external and internal engineering teams to provide continuous architecture and design mentorship/leadership and be a source of support that ensures successful product delivery and operational excellence in production, including leadership and support for application development and change management activities.
+ Establish relationships with key architects and executive technology leadership across the enterprise technology organization and collaborate on promoting architectural standard methodologies.
+ Collaborate with key internal and external partners such as security, developers, development managers, product and program management and senior technical and business executives to drive the Architecture strategy, reference enterprise architecture documents, functional specifications, designs, and architectural libraries.
+ Resolve approaches for new areas by quickly investigating and synthesizing the state of the art and available technologies including leading the development of enterprise solutions which meet current and future business requirements.
+ Take a consultative approach to develop, present and share the value and vision of proposed architectures and solutions to a wide audience
+ Promote architecture standard methodologies and mentor key technical people within the Data Product organization.
+ Champion a culture of innovation in an environment that requires high levels of scalability, security and reliability for our most critical enterprise cloud and 'on premise' applications and infrastructure.
+ Other duties as assigned or requested.
**EXPERIENCE**
**Required**
+ 10 years of experience in Information Security.
+ 4 years of experience as Information Security Architect with deep understanding of domains of security (e.g. zero trust, data protection, identity & access mgmt., threat mgmt., etc.)
+ 3 years of experience with data management, query processing, distributed processing, high availability, statistical and machine learning and operational excellence of production systems.
**Preferred**
+ 3 years of experience in Mergers and Acquisitions (evaluation, integration, etc.)
+ 3 years of experience managing and leading teams.
**SKILLS**
+ Outstanding verbal, written, presentation, facilitation, and interaction skills, including ability to effectively communicate architectural issues and concepts to technical and non-technical people at multiple organization levels
+ Outstanding technical acumen across a broad range of cloud and on premise technologies, architectures, applications and APIs
+ Demonstrated ability to initiate and guide enterprise technical programs and/or products and services business cases to successful outcomes at scale
+ Demonstrated ability to both navigate technical details for enterprise security programs and services, and guide staff through solution development
+ Outstanding judgement and ability to methodically analyze cyber risk, and intelligence and both offer risk appropriate advice and make risk appropriate decisions
**Preferred Skills Experience**
+ Significant knowledge and experience with data architecture concepts, practices, tools, and strategies
+ AI Security Expertise: Serve as the subject matter expert on data security and protection best practices for AI/ML systems, including but not limited to:
+ Data privacy in AI model development and deployment.
+ Security of AI algorithms and models against adversarial attacks.
+ Bias detection and mitigation in AI systems.
+ Secure data handling and storage for AI training data.
+ Ensuring compliance with ethical AI principles.
**EDUCATION**
**Required**
+ Bachelor's degree in Computer Science or related field of studyor relevant experience and/or education as determined by the company in lieu of bachelor's degree.
**Preferred**
+ Masters Computer Science or related field of study.
**LICENSES or CERTIFICATIONS**
**Required**
+ None
**Preferred**
+ Security certifications (e.g. The Open Group Architecture Framework Certification (TOGAF), Certified Information Security Professional (CISSP), Certified Information Security Manager (CISM), etc.)

**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office- or Remote-based
Teaches / trains others
Occasionally
Travel from the office to various work sites or from site-to-site
Rarely
Works primarily out-of-the office selling products/services (sales employees)
Never
Physical work site required
No
Lifting: up to 10 pounds
Constantly
Lifting: 10 to 25 pounds
Occasionally
Lifting: 25 to 50 pounds
Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
**Pay Range Minimum:**
$108,000.00
**Pay Range Maximum:**
$201,800.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J