CareFirst Careers

Security Architect

Resp & Qualifications

PRINCIPAL ACCOUNTABILITIES: Reporting to the Manager Information Security, Architecture & Planning, the Security Architect is accountable for a variety of tasks and deliverables, as listed below.

Support existing applications in terms of identity and access management, roles definition, access rights tracking, report generation for audits, etc. Assist in problem resolution and in recommending alternative techniques. Works closely with Security Technical Leads to guide decisions on solutions and best practices. Works and collaborates with other teams in the enterprise, or with customers (internal and external), on resolving access issues related to security functions. Assist in security-related audits, risk assessments and access reviews by working with peers and security specialists while providing reports and information to other teams such as IT Audit and Risk Assessment.

Participate in brainstorming sessions for interpreting technical requirements into security solutions and designs that are consistent with the current information security architecture and with CareFirst security policies and guidelines. Secure applications and systems by working with the Leads to corroborate a pragmatic solution which is maintainable and scalable. Create detailed designs for multi-tiered web applications using UML and similar diagramming methods to provide guidance to developers and other architects within and without Security. Contribute to our library of design patterns, security standards, checklists, and other guiding artifacts. Conduct research of new security technologies and contribute new ideas, patterns, processes and solutions of information security which are beneficial to the team and the enterprise. Collaborate with the Leads in order to properly interpret high-level designs into working solutions and provide guidance in this regard.

Collaborates with other teams for joint design sessions and decisions. Handles multiple projects at any time and communicates with project teams as well as with Solution Architects. Presents to senior management and supports Enterprise Architects in procurement of new technologies and tools for extending the enterprise technology stack and enabling advancement of leading-edge business solutions. Provides guidance on security-related questions and issues that arise in Information Security and in other Competency Centers. Works with other Security Architects or Security Leads in identifying opportunities for improvement, maintaining the Information Security Road Map, and specifying Security Design Patterns and Standards. Represents Information Security across the enterprise and plays a key role in communicating the policies, goals, and road map of the team.

This position is also subject to being "on call" for emergency situations requiring immediate resolution.  Travel between all CareFirst locations may be required.

Required Experience, Skills and Abilities:
This position requires a BA/BS in computer science or related IT field or equivalent experience plus 8 years of IT experience including 5 years of combined experience in Information Security and Security Architecture. In addition:

  • Proven leadership skills, interpersonal skills and the ability to build relationships across the enterprise.  Must be able to influence and work with diverse teams with different backgrounds and motivations.
  • Must have strong writing and verbal communication skills and a demonstrated ability to clearly articulate and communicate complex subjects and solutions.
  • Able to work in a fast-paced environment, handle changing requirements, and perform under tight timelines.
  • Must be a fast learner with a commitment to personal growth in the domain of Information Security.
  • Proven track record of performing in-depth research and introducing new technologies for better coding style, faster delivery, and enhanced performance.
  • Knowledgeable in architectural methods, tools, and diagramming schemes.
  • Must possess strong knowledge of information security systems including Access Management, Identity Management, LDAP, Role Based Access Control, HTTP Headers and Cookies, Encryption, SSL, Certificates, Access Control Lists (ACL), Web Services Security, Active Directory and Domain Controllers, etc.
  • Must possess strong knowledge and understanding, and preferably experience, of Cloud security technologies and security policies and practices as they apply to a hosted environment, including SaaS, PaaS, IaaS, IDaaS and security-as-a-service.
  • Must have an understanding of relational data modeling, communications protocols such as HTTP, TCP/IP, JMS, SSL, etc.
  • Experienced with large and complex systems having multi-layered architectures and use of Software Development Lifecycle methodology.


  • BS in Computer Science or equivalent
  • Experience with some or all of the following: Solution Architecture, Enterprise Architecture, and Business Analysis. Understanding of Unix, Linux, Tibco, WebSphere administration and tuning, Oracle database administration, Firewall configuration, Intrusion Prevention Systems, and similar security devices.


Department: InfoSec Technology - MD

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Closing Date

Please apply before: 8/31/2018

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

The physical demands described here are representative of those that must be met by an associate to perform the essential duties and responsibilities of the position successfully. Requirements may be modified to accommodate individuals with disabilities. Travel between CareFirst sites is required.

The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The employee must frequently talk and hear.  Weights of up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship
