Resp & Qualifications
PRINCIPAL ACCOUNTABILITIES:
Under the supervision of the Manager, Information Security, the
incumbent's accountabilities include, but are not limited to the
following:
- Support and deploy systems, information security applications
and hardware, and infrastructure components to protect the security
of CareFirst information.
- Provide appropriate training to other security specialists and
external customers on developed standards, procedures and
guidelines.
- Implement necessary enhancements/updates/upgrades to existing
security products.
- Assist in the configuration and installation of security
products. Where possible, suggesting and implementing possibilities
to automate manual operational activities.
- Represent Information Security in disaster recovery procedures
and exercises.
- Test and report on new technologies and reporting security
concerns through the creation of security vulnerability
assessments.
- Review and approve ACL / firewall change requests. Perform
periodic compliance reviews of firewall configurations.
- Serve as lead technical information security
coordinator/project lead and as a contributor to cross functional
teams for deployment and support of security specific
infrastructure to provide information security to the
enterprise.
- Provide support and guidance to a team of technically diverse
personnel of senior level security specialists and junior level
security specialists.
- Design, implement, and integrate security solutions to address
enterprise risks and exposures.
- Design and implement security solutions to monitor the
efficiency and effectiveness of security operations, controls and
infrastructure.
- Performing security governance through the design and
implementation of security policies, procedures, guidelines and
standards to maintain the confidentiality, integrity and
availability of information systems and data.
Apply technology and processes to ensure the enterprise is
protected and secured in the following areas:
- Identity and access management.
- Provide data protection (through the use of technologies such
as whole disk encryption, end-to-end e-mail security, public and
private key management, data leakage prevention, web applications
and source code security, database security, etc.)
- Network devices and infrastructure, desktop/mobile devices and
remote access to the network,
- Information governance to ensure data is managed based on its
sensitivity, information security policies, guidelines, and
standards.
- Information governance through Perform day-to-day maintenance
and address issues and problems associated with security
tools.
- Provide general support to the Information Security department
in carrying out its' assigned functions and responsibilities.
- Provide off-hours support and problem resolution as directed by
departmental requirements, service level agreements and internal
support procedures.
- Provide assistance with audit issues and concerns affecting the
Information Security department
- Interact with other Technical and Operation Support Service
teams to develop tactical and strategic programs to address
processes, controls, organization and infrastructure to manage
information security related concerns and satisfy directives.
- Properly interpret business and technical requirements into
security solutions and designs that are consistent with the current
information security architecture.
- Implement and assist in enforcement of company security
policies.
- Document results of system and application reviews including
corrective action taken and security related documentation.
- Assist with reviews of current and new CareFirst systems and
applications, including changes to existing applications/systems,
to assure compliance with Information Security policies and
standards.
- Apply creative thinking in problem solving and identifying
opportunities for improvements in security.
- Provide Information Security related recommendations regarding
CareFirst infrastructure components (communications network,
physical security, data access, computer hardware/software and data
confidentiality, integrity, and availability).
- Work with intra/interdepartmental technical and business
personnel in a dynamic and varying environment.
- Collaborate with other Information Security specialists,
designers, developers, and architects.
- Work with other technical teams in the organization such as IT
Operations and IT Applications.
- Share ideas, discuss alternatives, and seek input. Suggest
means to decrease vulnerability of systems, applications and
processes.
- Maintain familiarity with state of the art concepts,
procedures, software and techniques in Information Security in
order to be able to effectively assess and develop the CareFirst
Information Security environment.
QUALIFICATION REQUIREMENTS:
Required: College Degree in an Information Security or
Technology related field or equivalent experience plus 7+ years
related work experience. The incumbent will possess a high level of
expertise in information security concepts, information security
policies and system architecture concepts and have experience in
process definition, workflow design, and process mapping. In depth
understanding in multiple areas of Information Security such as
networking (TCP/IP, OSI model, network protocols), operating system
fundamentals (Windows, UNIX, mainframe), security technologies
(firewalls, switches, routers, IPSEC, IDS/IPS, etc.), voice
technologies (session border controllers, MPLS, VOIP, etc.),
authentication technologies, (TACACS, RADIUS, etc.), wireless
architectures, encryption key management, and mobile device
technologies. Also, must have knowledge of vulnerability
assessments, privacy assessments, incident response, security
policy creation, enterprise security strategies, and
governance.
The incumbent must also have an ability to quickly and
effectively learn Information Security tools in a large, complex
multi-platform environment.
Abilities/Skills (candidate should posses most of these):
- Ability to identify and resolve complex issues and develop
security solutions to meet CareFirst's business and technology
goals.
- Strong written documentation skills and technical writing are
required.
- Excellent presentation and verbal communication skills.
- Ability to effectively complete tasks with a minimal level of
supervision.
- Strong computer skills, including knowledge of Microsoft
Windows, various e-mail systems (Lotus Notes, Microsoft Exchange)
and unified communication systems (Office Communication
Server).
- Possess broad understanding of the following systems/skill
sets:
o IBM Tivoli administration and configuration
o System hardening concepts and techniques
o Checkpoint technologies
o Network and remote access controls
o LDAP, Unix, Active Directory, Java, EJB, JSP, JDBC, JMS,
Kerboros, PKI, XML, WSDL, Web Services, Ant, and Spring
Framework
o Unix, Linux, Web application servers (WebSphere, Apache)
o Virtualization technologies (VMware, VLANS, Hypervisors)
o Encryption technologies and key management
o Web application servers
o F5 LTM / ASMs
o Web application and IP firewalls
- Familiarity with access control methodologies (MAC, DAC.
RBAC)
Preferred:
- Professional certification such as CISSP, CISM (lead level
only)
- Specific knowledge of the CareFirst corporate structure.
- An understanding of the relationships among various units
within the corporation.
- Ability to understand and apply appropriate polices and
procedures.
- Basic understanding of SIEM tools and system log analysis.
- Knowledge of ethical hacking techniques and counter attack
methodologies.
- Familiarity with security tools such as wireless and network
scanning applications, vulnerability assessment applications and
concepts, IDS/IPS and other appropriate security related tools and
capabilities.
- Experience working with Information Security tools in a large,
complex, multi-platform environment.
Department
Department:
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO)
employer. It is the policy of the Company to provide equal
employment opportunities to all qualified applicants without regard
to race, color, religion, sex, sexual orientation, gender identity,
national origin, age, protected veteran or disabled status, or
genetic information.
Hire Range Disclaimer
Actual salary will be based on relevant job experience and work
history.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Closing Date
Please apply before: 6/19/21
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any
debarment, exclusion, or other event that makes him/her ineligible
to perform work directly or indirectly on Federal health care
programs.
PHYSICAL DEMANDS:
The associate is primarily seated while performing the duties of
the position. Occasional walking or standing is required. The hands
are regularly used to write, type, key and handle or feel small
controls and objects. The associate must frequently talk and hear.
Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship
