HealthEquity is committed to saving and improving lives by empowering healthcare consumers. The Senior Data Protection Cryptography Engineer will be responsible for safeguarding sensitive healthcare and financial data, focusing on securing and monitoring access to structured data environments while collaborating with various teams to enhance data security measures.
Responsibilities:
- Design and implement database activity monitoring solutions (e.g., Imperva or similar)
- Monitor and analyze database access patterns at a granular level — including service accounts, APIs, and AI-driven access
- Detect anomalous or risky behavior, such as unusual access frequency, new access paths, or unexpected usage patterns
- Build alerting and controls to help identify misuse, abuse, or runaway automation
- Help answer critical questions around who is accessing sensitive data, what they’re accessing, and why
- Partner with teams evaluating or implementing column-level encryption
- Apply practical knowledge of cryptography concepts, including: Tokenization and format-preserving encryption (FPE), Key management solutions such as HashiCorp Vault or Thales
- Support and guide encryption initiatives, even when implementation is shared across teams
- Help define secure patterns for database access, including certificate-based trust
- Partner with Identity and Database teams to improve how access is authenticated, managed, and audited
- Support secure service account usage and access boundaries
- Work closely with data discovery, database administration, application, and AI teams
- Bring structure to complex problems by prioritizing risk, sequencing work, and driving execution
- Operate as a hands-on engineer who turns ambiguity into action
Requirements:
- Bachelor's degree in Computer Science, Engineering, or a related field or equivalent practical experience
- Experience building or operating database security or hardening solutions in production
- Hands-on experience with database activity monitoring tools (Imperva or similar)
- Working knowledge of cryptography concepts, including encryption, tokenization, or FPE
- Strong understanding of how applications, APIs, service accounts, and AI workloads interact with databases
- Ability to prioritize, execute, and drive outcomes in complex, evolving environments
- Experience with certificate management or PKI
- Background securing sensitive or regulated data environments
- Experience partnering closely with database administrators or data platform teams