Resp & Qualifications
PURPOSE: This position is responsible for ensuring the implementation and ongoing effectiveness of security controls to safeguard the integrity of the Corporation’s computer systems and networks from compromise.
This position is responsible for managing the enterprise FEPOC data security engineering and related security policies, procedures and practices. Responsibilities include:
Overseeing the development and implementation of data security engineering initiatives around data encryption, tokenization, data deidentification, data loss prevention, database security monitoring and other data discovery and protection strategies;
Ensuring compliance with security requirements in appropriate regulations (e.g., HIPAA, GLB, etc.). Monitoring changes in legislation and accreditation standards that affect Information Security;
Proactively identifying possible audit issues. Assuring the timely and effective resolution of audit issues;
Enforcing and auditing enterprise data security strategies;
Effectively interacting with internal and external clients to understand data security requirements, identifying security procedures/strategies and their impacts and developing security strategies while maintaining security disciplines;
Monitoring advancements in information data security technologies and recommending practical, reasonable security solutions for implementation;
Initiating, facilitating and promoting activities to foster Information Security awareness throughout the enterprise;
Identifying security exposures and risks and providing leadership for designing and implementing effective solutions. Providing direction for risk accepting exposures and risks; and,
Providing status reports and metrics on security matters to key organization security stakeholders.
Under the supervision of the Director, Security Engineering, the incumbent’s accountabilities include, but are not limited to, the following:
1 Executes and implements the FEPOC Information Data Security Strategy to reduce risk and provide an appropriate level of information security to address business needs using the most cost-effective and reliable methods possible.
2 Identifies and provides guidance on regulatory, legal and audit security related issues.
3 Mentors and develops staff to understand FEPOC business, security processes, system architecture and security risks. Provides appropriate levels of guidance, encouragement, education, or discipline to ensure the highest quality delivery of services by responsible staff. Provides staff leadership by example. Maintains current job descriptions, performance plans and associate evaluations.
4 Provides status reports and metrics supporting FEPOC Information Security initiatives.
5 Resource planning to ensure necessary time, people, and money are accounted for to meet the needs of internal group projects, corporate initiatives, and day-to-day support.
6 Maintain both managerial and technical skill set through training, industry conferences, etc.
Required: This position requires a Bachelor of Science degree in Computer Science, Information Systems Management or similar degree with 8 or more years' experience in an IT Security related field or commensurate work experience. Healthcare or related industry experience is a plus. Four or more years' experience in management is required.
The position requires:
An extensive knowledge in data security technologies such as encryption, tokenization, data loss protection, networking, databases and systems operations;
Strong related experience in developing security procedures;
Selecting/implementing automated management/administration tools;
Strong planning and organizing skills and the ability to delegate and manage the work of internal and external personnel;
Strong problem analysis skills, decisiveness and flexibility; and,
Excellent oral and written communications skills.
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Hire Range Disclaimer
Actual salary will be based on relevant job experience and work history.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Please apply before: 2/5/2021
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship