Senior Cybersecurity Engineer
Company: Labcorp
Location: Durham
Posted on: March 11, 2026
|
|
|
Job Description:
Laboratory Corporation of America (LCA) is seeking a
Cybersecurity Engineer to join its Office of Information Security,
reporting to the head of Security Engineering and Architecture. The
Cybersecurity Engineer will have practical experience in multiple
information security domains, with particular strengths in securing
cloud-native environments and protecting regulated data, including
PHI, PII, and PCI. More generally, the Cybersecurity Engineer will
have a deep understanding of modern enterprise security challenges
including the secure adoption and advancement of AI technology and
platforms and will work with various teams to ensure Labcorp’s
enterprise security strategy is carried out. Applicants who live
within 35 miles of either the Burlington, NC or Durham, NC location
will follow a hybrid schedule. This schedule includes a minimum of
three in office days per week at an assigned location, either
Burlington or Durham, supporting both collaboration and
flexibility. Responsibilities: Partner with other technical teams
to design and drive the implementation of security controls for
PaaS and IaaS environments and associated components. For example:
Infrastructure as code (IaC) Container security (Kubernetes/EKS,
ECS, image scanning) Serverless functions/Lambda Data services (S3,
RDS, DynamoDB) M365 Services (Entra, Purview, Intune) Design,
implement, and oversee security controls for AI platforms,
including data governance, model integrity, access control, and
adversarial threat mitigation. Lead efforts to ensure sensitive
data has appropriate protections in accordance with internal policy
and external regulations. For example: Encryption at rest
(application encryption, transparent data encryption) Encryption
in-transit (TLS, IPSec tunnels) Key management (KMS/Key Vault, HSM)
Tokenization/deidentification of PHI Lead and participate in
technical security reviews of strategic applications: Collaborate
with other IT teams to understand the design and document any
risks. Recommend and drive the adoption of technical controls to
strengthen security posture. Collaborate with application
development teams on best practices for embedding fine-grained
authorization inside of modern web applications and microservices.
Work alongside other team members to develop technical security
standards and best practices across various security domains;
socialize and evangelize to other IT teams. Articulate common TTP’s
used by malicious software and threat actors, along with associated
remediation, to other IT teams. Provide level 3 support of security
incidents as required. Assist members of Governance, Risk, and
Compliance to answer technical questions from auditors and clients.
In partnership with the broader Office of Information Security,
research and recommend emerging security technologies/tools to
address current and future threats. Represent the interests of
security and risk to other technical staff and business
stakeholders. Qualifications: Minimum Required: Minimum 5 years of
experience in cybersecurity. Hands-on experience working with a
major public cloud platform such as AWS, Azure, or GCP. Experience
in securing common cloud-native services residing in PaaS/IaaS
environments. A working understanding of modern identity and access
management concepts as they relate to application authentication
and authorization, especially OAuth 2.0 and OIDC. Familiarity with
REST APIs and healthcare standards such as HL7 FHIR and SMART on
FHIR. Experience in implementing security controls to protect
regulated data. Strong interpersonal, written, and oral
communication skills. Highly self-motivated and directed
professional, with keen attention to detail. Proven project
management and organizational skills, specifically managing
multiple, concurrent projects. Excellent analytical,
problem-solving and decision-making abilities. Able to effectively
prioritize tasks in a high-pressure environment. Strong customer
service and solution-focused orientation. Preferred Skills:
Bachelors or higher is highly desired. CISSP certification desired.
Familiarity with scripting – Powershell, Python, shell scripting.
Familiarity with threat analysis models such as the cyber kill
Chain and the MITRE ATT&CK framework. Familiarity with
identity-centric zero trust network access (ZTNA) solutions.
Previous experience in securing medical and related instrumentation
devices. Understanding of industry standards and compliance
requirements related to cybersecurity and cloud
computing—especially ISO 27001, HIPAA, and PCI DSS. Familiarity
with NIST and/or CIS benchmarks. Benefits: Employees regularly
scheduled to work 20 or more hours per week are eligible for
comprehensive benefits including: Medical, Dental, Vision, Life,
STD/LTD, 401(k), Paid Time Off (PTO) or Flexible Time Off (FTO),
Tuition Reimbursement and Employee Stock Purchase Plan. Casual, PRN
& Part Time employees regularly scheduled to work less than 20
hours are eligible to participate in the 401(k) Plan only.
Employees who are regularly scheduled to work a 7 on 7 off schedule
are eligible to receive all the foregoing benefits except PTO or
FTO. For more detailed information, please click here. Labcorp is
proud to be an Equal Opportunity Employer: Labcorp strives for
inclusion and belonging in the workforce and does not tolerate
harassment or discrimination of any kind. We make employment
decisions based on the needs of our business and the qualifications
and merit of the individual. Qualified applicants will receive
consideration for employment without regard to race, religion,
color, national origin, sex (including pregnancy, childbirth, or
related medical conditions), family or parental status, marital,
civil union or domestic partnership status, sexual orientation,
gender identity, gender expression, personal appearance, age,
veteran status, disability, genetic information, or any other
legally protected characteristic. Additionally, all qualified
applicants with arrest or conviction records will be considered for
employment in accordance with applicable law. We encourage all to
apply If you are an individual with a disability who needs
assistance using our online tools to search and apply for jobs, or
needs an accommodation, please visit our accessibility site or
contact us at Labcorp Accessibility. For more information about how
we collect and store your personal data, please see our Privacy
Statement.
Keywords: Labcorp, Burlington , Senior Cybersecurity Engineer, IT / Software / Systems , Durham, North Carolina
