Cyber Security Consultant (Cloud/Applications/Identity Access/Data/Network/Threat/Vulnerability Mgmt Security Domains)

09 Aug 2024

Vacancy expired!

Resp & Qualifications

PURPOSE:The Consultant, Information Security, reporting to the CISO, the Consultant, Information Security is accountable for a variety of tasks and deliverables, as listed below is responsible for recommending, architecting, and leading the implementation of security solutions across the breadth of security domains including but not limited to cloud security, identity, authorization, and authentication management, network security, data security, application security, and detection & response for private data center, public cloud or hybrid implementations. The Consultant, Information Security works closely with solution architects, application, and system owners to provide security guidelines and architecture consultancy to secure new and existing applications and systems being created in or migrated to the cloud. The Consultant, Information Security works diligently towards identifying needed security pattern changes needed as a result growing threats, vulnerabilities, incidents and comes out with recommendations that fits the existing security standards and patterns.

ESSENTIAL FUNCTIONS:
  • Develop/Enhance companywide security best practices.Participate in brainstorming sessions for interpreting technical requirements into security solutions and designs that are consistent with the current information security architecture and with security policies and guidelines. Create and curate detailed security architecture documents and library to be shared within and outside information security. Provide information security representation support for solution architecture presentations to the Architecture Review Board. Contribute and maintain library of security design patterns, security standards, best practices, checklists, and other guiding artifacts. Provide support toCISO on quarterly information security strategy and roadmap update.
  • Research information security improvements and brief management.Research new techniques and methodologies available to enhance information security risk posture. Work across information security teams and other teams in the enterprise to provide guidance and expertise in developing security solutions for cloud security, application security, identity access management and authorization, data security, network security, and threat and vulnerability management security domains
  • Remain up to date on Information Security trends and emergent threats.
  • Assess, plan, and execute security measures in a layered approach to protect the organization.Work and collaborate with information security teams and other teams in the enterprise, or with customers (internal and external) in resolving security issues within the application security, identity access management and authorization, data security, network security, and threat and vulnerability managementdomains. Apply creative thinking in problem solving and actively identifying opportunities for information security improvements.

SUPERVISORY RESPONSIBILITY:Individual Contributor - This position has no direct reports, however, may informally lead teams in a matrix environment.

QUALIFICATIONS:

Education Level: Bachelor's Degree inComputer Science, Information Technology, or related field ORin lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

Licenses/Certifications:CCSPCertified CloudSecurity ProfessionalCISM - Certified Information Systems Security

Experience: 10 years relevant information security experience.

Preferred Qualifications:Advanced degree

Knowledge, Skills and Abilities (KSAs)
  • Ability to manage multiple tasks and deliverables with minimal supervision.
  • Ability to explain technical information to technical and nontechnical personnel.
  • Ability to provide direction and mentor less experienced teammates.
  • Knowledge of cybersecurity risks, frameworks, best practices and industry/regulatory requirements.
  • Knowledge of network architecture, cloud security, application security, identity and access maangement, data security, firewall security.
  • Understanding of business needs and commitment to delivering high-quality, prompt, and efficient service.
  • Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.

#LI-DM1

Department

Department:Security Engineering

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of theCompany to provide equal employment opportunities to allqualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply: www.carefirst.com/careers

Closing Date

Please apply before:4.1.2022

Federal Disc/Physical Demand

Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship