CareFirst Careers

Information Security Manager

This job posting is no longer active

Resp & Qualifications

Under the supervision of the Director, Information Security, the incumbent’s accountabilities include, but are not limited to, the following:

  1. Plans, develops, implements and controls the Corporate Information Security Strategy to reduce risk and provide an appropriate level of information security to address business needs using the most cost-effective and reliable methods possible.
  2. Identifies and provides guidance on regulatory, legal and audit security-related issues.
  3. Mentors and develops staff to understand CareFirst business, security processes, system architecture and security risks. Provides appropriate levels of guidance, encouragement, education, or discipline to ensure the highest quality delivery of services by responsible staff. Provides staff leadership by example. Maintains current job descriptions, performance plans and associate evaluations.
  4. Maintains the overall Information Security budget. Provides status reports and metrics supporting Information Security initiatives.
  5. Plans resources to ensure the necessary time, people, and money are accounted for to meet the needs of internal group projects, corporate initiatives, and day-to-day support.
  6. Maintains both managerial and technical skill sets through training, industry conferences, etc.

This position is subject to a Level 6C security requirement.

SUPERVISORY RESPONSIBILITY: This position is responsible for up to 20 associates in the Security Governance & Compliance, Security Administration, Security Infrastructure Support, Security Architecture & Analysis, or Security Monitoring & Reporting groups within Information Security.


Required: This position requires a Bachelor of Science degree in Computer Science, Information Systems Management or similar degree with 8 or more years of experience in an IT security-related field or commensurate work experience. Healthcare or related industry experience is a plus. Four or more years of experience in management is required.

The position requires:

  • Extensive knowledge of networking, databases and systems operations;
  • Strong related experience in developing security procedures;
  • Experience selecting and implementing automated management and administration tools;
  • Strong planning and organizing skills and the ability to delegate and manage the work of internal and external personnel;
  • Strong problem-analysis skills, decisiveness and flexibility; and,
  • Excellent oral and written communication skills.


Candidates should have in-depth knowledge and experience in the following domains:

  • Information Security Governance and Compliance
  • Information Security Audit Coordination
  • Regulatory Compliance (HIPAA, PCI, etc.)
  • Information Security Policy and Awareness
  • Information Security Standards and SOPs
  • Governance, Risk, and Compliance (GRC) Tools and Frameworks
  • Information Security Risk Management
  • NIST Risk Management Framework


Department: Information Security - Governance

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Closing Date

Please apply before: 8/1/2018

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The physical demands described here are representative of those that must be met by an employee to perform the essential duties and responsibilities of the position successfully.  Requirements may be modified to accommodate individuals with disabilities.

The employee is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The employee must frequently talk and hear.  Weights of up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship
