CareFirst Careers

Manager, Cyber Security (Remote)

Resp & Qualifications

Executes and implements the CareFirst Information Security Strategy to reduce risk and provide an appropriate level of information security to address business needs using the most cost-effective and reliable methods possible. Responsible for planning, developing, mentoring, leading, and monitoring work of the department and its staff.


  • Manage initiatives within the full Information Security Program including directly overseeing the evaluation, development and implementation of security programs. Consults with internal stakeholders to meet client delivery, quality, and cost goals.

  • Manages subordinate staff members in the day-to-day operations of cybersecurity.

  • Creates a system of measurable metrics to effectively monitor the impact of the cybersecurity program.

  • Manage the operational support capabilities that ensure cybersecurity hardware, software, and features are installed, patched, and properly configured so that they remain effective at securing platforms.

  • Ensures organizational procedures are aligned to maintain compliance with industry and regulatory standards.

  • Monitors trends to ensure organizational efficiency in cybersecurity applications.


This position manages people.


  • As a Cyber Security Manager, lead a team that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect CareFirst and its members.

  • Oversee the vulnerability management processes, suggesting applicable change controls and security exceptions.

  • Improve and mature vulnerability reporting to key stakeholders, and drive remediation efforts by communicating, clearly articulating, and prioritizing risk and impact to all stakeholders to convey the urgency and need to remediate a vulnerability commensurate with the risk it presents.

  • Develop the integration and automation strategy around multiple VM toolsets.

  • Develop automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet our rapidly changing needs.

  • Identify opportunities to collaborate across cyber teams and optimize efficiencies to reduce the level of effort, costs and risks across threat landscapes while facilitating increased organizational situational awareness.

  • Develop reports using data that is hosted in multiple sources/tools (e.g., spreadsheets, databases) and communicate clearly to leadership and other cyber teams.

  • Perform ad-hoc data manipulations, clean-ups, and reporting using large complex data sets for rapid security responses.

  • Conduct in-depth research projects for various threat topics.


Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

Licenses/Certifications Upon Hire Preferred:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • CompTIA Advanced Security Practitioner (CASP)


  • 5 years Related professional experience
  • 1 year Supervisory experience or demonstrated progressive leadership experience

Knowledge, Skills and Abilities (KSAs)

  • Ability to multitask and manage multiple IT vendor relationships.
  • Ability to lead and work as part of a team.
  • Ability to execute technology and tool automation processes.
  • Deep knowledge of vulnerability management lifecycle.
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity.
  • Thorough understanding of cyber threats and vulnerabilities.
  • Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.



Department: InfoSec Security Operations

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

