Senior Security Engineer I

Primary Duties

• Working cross-functionally to design, build, and operate solutions that improve  and mature our security capabilities
• Leveraging data to understand trends, metrics, and opportunities to improve our security posture, researching options, and then making recommendations as options to secure those opportunities with stakeholders
• Leading and enhancing incident / issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents / issues
• Helping craft and refine security documentation pertinent to our Security Program, such as policies, standards, baselines, and standard operating procedures

Minimum Qualifications

• BS / BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 6 years security domain experience without degree.
• 4+ years combined experience as a security engineer in an enterprise environment (preferably cloud) across multiple disciplines.
• 3+ years of relevant work experience in Enterprise Identity and Access management and/or Consumer Identity and Access management and security posture management.  
• 2+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long term business value.

Preferred KSA’s

• Core Responsibilities & Strategy:
• Develop and enforce comprehensive Tableau access control strategies, policies, and procedures to ensure data confidentiality, integrity, and availability.
• Design and implement Role-Based Access Control (RBAC) models within Tableau Server/Cloud, aligning user permissions with organizational roles and data sensitivity.
• Establish and maintain Tableau site roles, groups, and individual user permissions, ensuring proper segregation of duties and least privilege access principles.
• Collaborate with data owners, business stakeholders, and IT teams to define granular data access requirements and translate them into effective Tableau security configurations.
• Conduct regular security audits and reviews of Tableau environments to identify potential vulnerabilities, unauthorized access, and ensure compliance with internal policies and external regulations (e.g., GDPR, HIPAA).
Implementation & Configuration:
• Configure and manage user authentication methods (e.g., Active Directory, SAML, OpenID Connect, MFA) within Tableau, integrating with enterprise identity management systems.
• Implement and manage Row-Level Security (RLS) using various methods (e.g., user filters, data policies, database RLS) to restrict data visibility based on user attributes.
• Administer project-level permissions, locking permissions where appropriate to ensure consistent security across content within a project and minimize individual workbook permission overrides.
• Manage and monitor data source permissions, ensuring secure connections to underlying data sources and controlling capabilities like data download and web editing.
• Oversee content governance, including the certification of trusted data sources and the implementation of data quality warnings to promote secure and reliable data consumption.
• Configure and maintain secure communication within Tableau, including SSL/TLS encryption for data in transit and at rest.
Monitoring, Incident Response & Optimization:
• Monitor Tableau activity logs and administrative views to detect and investigate suspicious access patterns, permission changes, or security incidents.
• Develop and execute incident response procedures related to Tableau security breaches or unauthorized access attempts.
• Proactively identify and mitigate security risks within the Tableau environment, staying updated on the latest security threats and Tableau security features.
• Provide guidance and training to Tableau users and content creators on security best practices, access control mechanisms, and data governance policies.
• Optimize Tableau performance while maintaining robust security, ensuring efficient data access without compromising security posture.
Integration into Data Catalog (DataHub)
• Coordinate with Data Governance to ensure all requirements are met

Required Qualifications

• Education & Experience:
• Bachelor's degree in Health Informatics, Information Technology, Computer Science, or related field
• 3-5 years of experience in healthcare data security, access management, or Tableau administration within clinical environments
• Demonstrated experience implementing security frameworks for healthcare analytics and population health management platforms
Healthcare & Technical Skills:
• Advanced proficiency in Tableau Server and Tableau Cloud administration with specific experience securing clinical and patient data visualizations
• Strong knowledge of Role-Based Access Control (RBAC) principles applied to healthcare settings and clinical workflows
• Experience with healthcare data governance frameworks and PHI (Protected Health Information) access control policies
• Proficiency in security auditing tools for healthcare business intelligence platforms and clinical analytics systems
• Understanding of clinical data classification, patient privacy requirements, and healthcare database security concepts
Healthcare Compliance & Regulatory Knowledge:
• Deep working knowledge of HIPAA Security and Privacy Rules, including technical, administrative, and physical safeguards
• Experience with healthcare compliance frameworks including HITECH Act, state privacy laws, and CMS requirements
• Proven experience conducting HIPAA risk assessments and security vulnerability analyses in healthcare technology environments
• Familiarity with healthcare audit processes, breach notification requirements, and documentation standards
Professional Skills:
• Strong analytical abilities with understanding of population health metrics, quality measures, and value-based care analytics
• Excellent communication skills with ability to collaborate with clinical stakeholders, practice administrators, and healthcare IT teams
• Experience working with primary care practices, ACOs, or health systems to define clinical data access requirements
• Project management skills with experience managing security initiatives that impact patient care delivery and clinical workflows

Preferred Qualifications

• Tableau certification (Server Certified Associate or higher)
• Healthcare security certifications (CHPS, HCISPP, or similar)
• Experience with value-based care analytics and population health management platforms
• Knowledge of clinical quality measures (HEDIS, CMS Stars, MIPS)


• Proven ability to collaborate effectively with cross-functional teams including IT, business users, and data owners
• Project management skills with experience managing multiple security initiatives simultaneously
Preferred Qualifications:
• Tableau certification (Server Certified Associate or higher)
• Security certifications (CISSP, CISA, or similar)
• Experience with additional BI platforms (Power BI, Qlik, etc.)

Physical Requirements

• Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.