Analyst, Cyber Security Sr

CareFirst
Washington, DC
09 Aug 2024

Vacancy expired!

Resp & Qualifications

COMPANY SUMMARY:

CareFirst, Inc., and its affiliated companies, generally referred to as CareFirst BlueCross BlueShield (CareFirst), is the Mid-Atlantic region’s largest private sector health insurer, serving the healthcare needs of 3.5 million members in Maryland, the District of Columbia, and portions of northern Virginia. The Company offers a comprehensive portfolio of products and services to individuals and groups, as well as state and federal government sponsored plans. With a market share almost three times that of the closest competitor, the company commands 45 percent penetration across the region.

In July 2018, Brian D. Pieninck assumed the role of President and CEO after serving as the company’s COO of Strategic Business Units and IT Division. Under his leadership, the organization completed an extensive review of its operations and clinical programs, resulting in an expansive 3-year strategy to grow and diversify the company’s core business. Along with a 5-year vision to drive the transformation of the healthcare experience across the continuum of its members, partners, and communities, the company has placed a renewed and intentional focus on fostering a mission-based culture, which drives every decision the company makes. The organization employs over 5,600 full-time employees in Maryland, Northern Virginia, the District of Columbia, and West Virginia. CareFirst has earned multiple workplace awards recognizing its leadership in diversity and inclusion, wellness engagement, and creation of a supportive and equitable work environment for all employees.

At CareFirst, you are part of an inspired, collaborative team that is building the healthcare experience we want for our families and our future. Every day, we make a meaningful difference in the communities where we live and work.

We practice empathy, seek to understand, invest in inclusion, demand equity and nurture belonging every day for our employees and the communities we serve. We rely on the rich diversity of our employees’ experiences and backgrounds to achieve our mission. Every year we host a Week of Equity and Action where we deepen our investment and commitment to diversity, equity, and inclusion. During this week thousands of employees engage in workshops and volunteerism with the goal of bettering themselves and our community.
  • Women make up around 70% of CareFirst’s employee population, and over 50% identify as BIPOC (Black, Indigenous, and people of color).
  • We have 9 resource groups that connect employees over shared identities (LGBTQ, veteran status, race, etc.) and passions (climate change, healthy living, leadership development).
  • Employees are encouraged to give back and volunteer in their communities with their civic engagement hours.
As a not-for-profit, CareFirst regularly ranks among the most philanthropic organizations with $65 million invested in the community in 2020 to improve overall health, and increase the accessibility, affordability, safety, and quality of healthcare throughout its market area. The company’s employees consistently add to this impact by devoting thousands of volunteer hours to numerous community organizations and social causes. The company’s continued efforts to reinvest in community health care programs has repeatedly earned CareFirst regional accolades as a leading corporate philanthropist, including the No. 2 and No. 7 spots on the Baltimore Business Journal and Washington Business Journal’s 2019 list of top corporate givers, respectively.

PURPOSE:To ensure the organization's data remains protected from inappropriate access, disclosure and/or damage. To advocate for and execute the processes and practices of the Cybersecurity team while supporting business and customer needs.This includes functions such as monitoring, upgrading, day-to-day maintenance, operational changes, etc. in support of projects/initiatives/operations to ensure the effective and efficient operations of the systems, processes, and controls.

This is a SECURITY ENGINEERING SUPPORT position and will support TIER ONE and TIER TWO operations while working with and maintaining the network firewalls, load balancers, and other security devices under the direction of the Network Security Engineering Development team in theSecurity Engineering division. Customer Service and End-User support is it's primary task, and support of Network Engineers as a secondary task.

Candidates must have a Networking Background and Knowledge of routers, switches, the OSI Model, subnetting, and network design parameters. Palo Alto Hardware is preferred, but other firewall experience may be considered.

In addition, the ANALYST is an EXPERIENCED/VETERAN position in a support or maintenance role in an engineering environment. This role may include LEVEL ONE customer service responsibilities, such as initial trouble shooting of service calls, ticket resolution, service escaltion and management, metrics reporting, and in some cases tool management and agent maintenance. But may also involve LEVEL TWO MAINTENANCE roles such as tool updates, upgrades, on firewalls and other tools, such as IDS/IPS, SIEMs, EPPs, Access Management Systems, and others. The Analyst is expected to have the experience necessary to lead the LEVEL ONE staff and liase with the engineering team on TIER THREE or escalation matters.

ESSENTIAL FUNCTIONS:
  • Develop/Enhance companywide security best practices.
  • Research information security improvements and brief management.
  • Remain up to date on Information Security trends and emergent threats.
  • Assess, plan, and execute security measures in a layered approach to protect the organization.

QUALIFICATIONS:

Education Level: Bachelor's Degree inComputer Science, Information Technology, or related field ORin lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

Licenses/Certifications:
  • CISSP Certified Information Systems Security ProfessionalUpon Hire Preferred.
  • Certified Ethical Hacker (CEH)Upon Hire Preferred.
  • Certified Threat Intelligence Analyst (CTIA)-ECCOUNCILUpon Hire Preferred.
  • Certification and Accreditation Professional (CAP)Upon Hire Preferred.
  • EnCase Certified ExaminerUpon Hire Preferred.
  • CompTIA Network+Upon Hire Preferred.
  • CompTIA Security+Upon Hire Preferred.

Experience:5years relevant cyber security experience.

Knowledge, Skills and Abilities (KSAs)
  • Ability to manage multiple tasks and deliverables with minimal supervision.
  • Ability to explain technical information to technical and nontechnical personnel.
  • Proficiency in the cybersecurity domain.
  • Ability to work collaboratively within a team to perform daily work
  • Understanding of business needs and commitment to delivering high-quality, prompt, and efficient service.
  • Knowledge of cybersecurity risk management techniques, frameworks, best practices and industry/regulatory requirements.
  • Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.

Travel Requirements

Estimate Amount:Very Rarely if at all, local DMV area only.

Department

Department:Security Engineering Support

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of theCompany to provide equal employment opportunities to allqualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply: www.carefirst.com/careers

Federal Disc/Physical Demand

Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

#LI-JH3