Resp & Qualifications We are looking for a Leader, a “Hands-On” Guru in IT Security Architecture
Join the revolution in health careIT
We are working on “the big picture” of the future of health care information technology, and what we do touches the lives of millions of people.Today, we are looking for an extremely experienced, accomplished, “expert level” Security Architect
to lead a part of our part of our growing technology security organization, which also includes team such as Identity/Access Management, Security Engineering and Security Operations & Maintenance. digital transformation to
oversee the IT Division’s Operating Expense and Capital Budgets totaling approximately $240 million and $10M respectively. The positionwill *** Reporting to the Director of Information Security, Architecture & Engineering, the Security Architect’s accountabilities are broad and highly influential in ALL the new work, i.e. development, complex implementations and impactful solutions underway and more planned, as a part of our IT Modernization/Transformation Program. ***
Additional accountabilities include, the ability to abstract solutions, recognized architectural patterns, map requirements to solutions; brings a strong combination of technical-security expertise from other digital/cloud-oriented enterprise experiences and/or environments, but also will include and not limited to the following:Support Information Securityand the Business:
Architect and Design:
- Performs reviews of new business solutions and ensure they meet security requirements and objective; creates high-level security requirements for key security projects and in initiatives.
- Supports security projects in designing and implementing solutions.
- Develop processes and procedures for managing and maintaining security systems
- Creates and maintains security architecture artifacts (patterns, blueprints, building blocks, guardrails) aligned with CareFirst security policies and guidelines that can be reused for new solutions and initiatives
- Develops and collaborates on security roadmaps and strategies based on enterprise architecture practices; develops component and physical architectures in collaboration with IT and the business to enable security-by-design
- Coordinates with IT Operations and Software Development teams to design and build secure solutions and services in standardized and automatable patterns
- Represents Information Security across the enterprise and plays a key role in communicating the policies, goals, and road map of the team and collaborates with Enterprise Architecture, IT, Security Operations to identify security improvements in the enterprise environment
- Reviews security technologies, tools, and services, making recommendations to the broader security and IT organization for their use and performs threat modeling on new applications, systems, and services
- Leads complex projects/issues that require in-depth knowledge across multiple technical areas and business segments; considers company strategy and direction when researching new solutions and opportunities by providing key presentations and documents to senior executive management to provide recommendations for critical design decisions
- Advocates and enforces security requirements and objectives, while ensuring that security architectures and practices enable the needs of the business
- Communicates progress, updates, and any obstacles or support requirements to Infosec leadership
- or permanent resident.
- Requires a BA/BS in computer science or related IT field or equivalent industry experience and demonstrate 8+ years of IT experience, including 5 years of combined experience in Information Security and Security Architecture.
- Proven leadership skills, interpersonal skills and the ability to build relationships across the enterprise. Must be able to influence and work with diverse teams with different backgrounds and motivations.
- Strong written and verbal communication skills and a demonstrated ability to clearly articulate and communicate complex subjects and solutions.
- Subject matter expertise in multiple security domains, such as application security, identity and access management, network security, encryption, operating systems, and vulnerability management
- Proven track record of performing in-depth research and introducing new security solutions and technologies.
- Ability to translate functional and technical business requirements into secure technical implementations, a fast learner with a commitment to personal growth in the domain of Information Security.
- Experience with architecture and security frameworks, such as TOGAF, SABSA, and NIST CSF and/or experience with compliance requirements, such as FISMA, HIPAA, and PCI-DSS
- MS in Computer Science or related field with one or more common security certifications, such as CISSP, GIAC, CISM
- Hands-on cloud experience, with one or more certifications
- Familiarity with Kafka, Kubernetes/containers, automation, and CI/CD pipelines
- Familiarity with Agile methodology and DevOps
#LI-JL1 Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of theCompany to provide equal employment opportunities to allqualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.Hire Range Disclaimer
Actual salary will be based on relevant job experience and work history.Where To Apply
Please visit our website to apply: www.carefirst.com/careersClosing Date Please apply before: 8/1/2020Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship