Resp & Qualifications
Executes and implements the Information Security Strategy to reduce risk and provide an appropriate level of information security to address business needs in the most cost effective and reliable methods possible. Responsible for planning, developing, mentoring, leading, and monitoring work of the department and its staff.
Manage initiatives within the full Information Security Program including directly overseeing the evaluation, development and implementation of security programs. Consults with internal stakeholders to meet client delivery, quality, and cost goals.
Manages subordinate staff members in the day-to-day operations of cybersecurity.
Creates a system of measurable metrics to effectively monitor the impact of the cybersecurity program.
Manage the operational support capabilities that ensure Cybersecurity hardware, software, and features are installed, patched, and properly configured so that they may continually be effective at securing platforms.
Ensures organizational procedures are aligned to maintain compliance with industry and regulatory standards.
Monitors trends to ensure organizational efficiency in cybersecurity applications.
This position manages people.
Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.
Subject matter expertise in at least one of the following areas: Cyber Threat Hunting, Cyber Threat Intelligence or Digital Forensics & Incident Response.
Experienced leading a team of threat intelligence analysts.
Experience working with a variety of threat intelligence gathering and monitoring tools.
Experience working within threat sharing communities.
Experienced incident responder/leader.
Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs).
In-depth understanding of advesary tools, tactics and procedures.
Experience with threat modeling.
Knowledge of relevant frameworks, standards, and best practices such as NIST CSF, PCI-DSS, CIS CSCs, MITRE ATT&CK, Cyber Kill Chain etc.
Work with detection engineers to develop monitoring and metrics to support detection of advanced TTPs.
Develop and maintain effective documentation; including monitoring, hunting, and response playbooks, processes, and other supporting operational material.
Knowledge, Skills and Abilities (KSAs)
Department: InfoSec Cybersecurity Operation
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Hire Range Disclaimer
Actual salary will be based on relevant job experience and work history.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship
Not finding the right job?
Stay informed about future openings by joining one of our Talent Networks!