To us it’s personal.

Sr Security Engineer

Covance 11/1/2018 4:35:09 PM
JOB ID: 25079 Category: Information Technology
Burlington, North Carolina



Job Overview

Job Description: Senior Data Security Engineer

We are seeking a Senior Data Security Engineer to join the Office of Information Security, reporting to the Director of Security Engineering and Innovation. The Senior Data Security Engineer will lead and implement an enterprise strategy on data security, and will partner with various technical teams to ensure this strategy is carried out. The Senior Data Security Engineer will also work closely with other security staff and represent the interests of the broader Information Security team to the rest of the enterprise.


* Manage, implement, and continuously improve the security of company data, including client and patient data.
* Define and ensure implementation of appropriate security controls commensurate with data classification.
* Define and ensure a consistent set of controls in order to secure protected health information (PHI).
* Partner with DevOps and other technical teams representing infrastructure, application development, and information security in order to design and implement data security solutions.
* Evaluate, recommend, and implement data security controls including transactional auditing, log retention, encryption and data masking.
* Articulate and maintain a solid understanding of technical controls required to secure data at rest and in transit.
* Assess business requirements and use cases in order to facilitate the adoption of data security controls.
* Monitor and report on access to sensitive data; respond to any data breaches accordingly.
* Work closely with database administrators to understand and implement security controls inherent in the platform (Oracle, Microsoft SQL, Sybase, etc.).
* Work closely with team members from Risk Management and Compliance in order to understand external compliance requirements.
* Represent the interests of the broader Information Security team to other technical staff and business stakeholders.
* Develop and maintain data security standards and evangelize those to appropriate staff.
* Develop and share data security expertise within the broader Information Security team.
* In partnership with the broader Information Security team, research and recommend emerging security technologies/tools to address current and future threats.
* Provide guidance for security remediation to business and IT partners by conducting technical risk assessments (includes vulnerability assessment).
* Participate in security incident handling and investigations as required.
* Interact and manage vendors, outsourcers, and contractors regarding security products and services.
* Manage and/or provide guidance to junior members of the team.


* Bachelor's or Master's Degree in Information Systems, Computer Science or related discipline is highly desired.
* CISSP certification desired.


Minimum Required:

* Minimum 3 years Experience in information security.
* Proven Experience and success with data security design and implementation.
* Working knowledge of common database security controls, including encryption and data masking.
* Proven Experience with information security best practices.
* Proven project management and organizational skills, specifically managing multiple, concurrent projects.
* Strong interpersonal, written, and oral communication skills.
* Highly self-motivated and directed professional, with keen attention to detail.
* Excellent analytical, problem-solving and decision-making abilities.
* Able to effectively prioritize tasks in a high-pressure environment.
* Strong customer service and solution-focused orientation.
* Experience working in a team-oriented, collaborative environment.

Preferred Skills:

* Development or scripting knowledge desired.
* Understanding of industry standards and compliance requirements related to information security and data security—especially ISO 27001, HIPAA, and PCI DSS.
* Working knowledge of at least one major data security platform (IBM Guardium, Imperva SecureSphere for Databases, etc.)
* Experience working with noSQL databases including MongoDB and Hadoop.

Position Type: Full-Time

Location: Burlington, NC - North Carolina


Covance Recruiting Process

Below is a general Overview of Our Recruiting Process

If you’d like to work for us, please submit your resume/CV online. If your ability to use or access our electronic application is limited due to a disability, please visit or call 1-800-978-4473 for help.

We consider applications from everyone who is interested in a position with us and who meets the required criteria and qualifications.

If your application is selected, someone from our recruiting team will contact you to arrange an initial screen. We may carry this out over the phone or at a face-to-face meeting. You must complete the screen to be considered for the position.

Based on the results of the initial screen, we may invite you to an interview. One of our recruiting team members will contact you to arrange this. The process may involve several interviews, initially over the phone, and then face-to-face with different members of the hiring team.

Our interviews follow a behavioral-based format. This means we’ll ask you to give us information that’s specific to your professional and educational experiences.

Hiring team members will share and discuss their input and then make their decision.

If you’re the person who best meets the requirements of the position, a member of the hiring team will get in touch to make you an offer of employment. Covance is an eVerify employer (United States only).