CareFirst Careers

Manager, Cyber Security Threat Intelligence and Response (Remote)

Resp & Qualifications

Executes and implements the  Information Security Strategy to reduce risk and provide an appropriate level of information security to address business needs in the most cost effective and reliable methods possible. Responsible for planning, developing, mentoring, leading, and monitoring work of the department and its staff. 


  •  Manage initiatives within the full Information Security Program including directly overseeing the evaluation, development and implementation of security programs. Consults with internal stakeholders to meet client delivery, quality, and cost goals.

  • Manages subordinate staff members in the day-to-day operations of cybersecurity.

  • Creates a system of measurable metrics to effectively monitor the impact of the cybersecurity program.

  • Manage the operational support capabilities that ensure Cybersecurity hardware, software, and features are installed, patched, and properly configured so that they may continually be effective at securing platforms.

  • Ensures organizational procedures are aligned to maintain compliance with industry and regulatory standards.

  • Monitors trends to ensure organizational efficiency in cybersecurity applications.

This position manages people.


Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.


  • CISSP Certified Information Systems Security Professional 
  • Certified Information Security Manager (CISM)
  • CompTIA Advanced Security Practitioner (CASP)


  • 5 years Related professional experience
  • 1 year Supervisory experience or demonstrated progressive leadership experience

Preferred Qualifications:

  • Subject matter expertise in at least one of the following areas: Cyber Threat Hunting, Cyber Threat Intelligence or Digital Forensics & Incident Response.

  • Experienced leading a team of threat intelligence analysts.

  • Experience working with a variety of threat intelligence gathering and monitoring tools.

  • Experience working within threat sharing communities.

  • Experienced incident responder/leader.

  • Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs).

  • In-depth understanding of advesary tools, tactics and procedures.

  • Experience with threat modeling.

  • Knowledge of relevant frameworks, standards, and best practices such as NIST CSF, PCI-DSS, CIS CSCs, MITRE ATT&CK, Cyber Kill Chain etc.

  • Work with detection engineers to develop monitoring and metrics to support detection of advanced TTPs.

  • Develop and maintain effective documentation; including monitoring, hunting, and response playbooks, processes, and other supporting operational material.

Knowledge, Skills and Abilities (KSAs)

  • Ability to multitask and manage multiple IT vendor relationships. 
  • Ability to lead and work as part of a team.
  • Ability to execute technology and tool automation processes.
  • Deep knowledge of risk treatment and mitigation strategies.
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity.
  • Thorough understanding of cyber threats and vulnerabilities.
  • Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.



Department: InfoSec Cybersecurity Operation

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship


Not finding the right job?
Stay informed about future openings by joining one of our Talent Networks!

Learn more about Information Technology