Resp & Qualifications
PURPOSE: This position is responsible for ensuring the implementation and ongoing effectiveness of security controls to safeguard the integrity of the Corporation’s computer systems and networks from compromise.
This position is responsible for managing the enterprise security environment for data security protection architecture and policies, procedures and practices. Responsibilities include:
- Overseeing the development and implementation of data security policies, procedures and practices;
- Ensuring compliance with data security requirements in appropriate regulations (e.g., HIPAA, GLB, etc.). Monitoring changes in legislation and accreditation standards that effect data protection;
- Proactively identifying possible data protection audit issues. Assuring the timely and effective resolution of data security audit issues;
- Enforcing and auditing enterprise data security protection strategies;
- Effectively interacting with internal and external clients to understand data security requirements, identifying data security procedures/strategies and their impacts and developing data security strategies while maintaining data security disciplines;
- Monitoring advancements in data security technologies and recommending practical, reasonable security solutions for implementation;
- Initiating, facilitating and promoting activities to foster Information Security awareness throughout the enterprise;
- Identifying security exposures and risks and providing leadership for designing and implementing effective solutions. Providing direction for risk accepting exposures and risks; and,
- Providing status reports and metrics on data security matters to key organization security stakeholders.
- Under the supervision of the Director, Security Engineering, the incumbent’s accountabilities include, but are not limited to the following:
- Executes and implements the Information Security Strategy to reduce risk and provide an appropriate level of data security to address business needs in the most cost effective and reliable methods possible.
- Identifies and provides guidance on regulatory, legal and audit security related issues.
- Mentors and develops staff to understand business, security processes, system architecture and security risks. Provides appropriate levels of guidance, encouragement, education, or discipline to ensure the highest quality delivery of services by responsible staff. Provides staff leadership by example. Maintains current job descriptions, performance plans and associate evaluations.
- Provides status reports and metrics supporting Information Security initiatives.
- Resource planning to ensure necessary time, people, and money are accounted for to meet the needs of internal group projects, corporate initiatives, and day to day to support.
- Maintain both managerial and technical skill set through training, industry conferences, etc.
Required: This position requires a Bachelor of Science degree in Computer Science, Information Systems Management or similar degree with 8 or more years experience in an IT Security related field or commensurate work experience. Healthcare or related industry experience is a plus. Four or more years experience in management is required.
The position requires:
- An extensive knowledge in data protection domain including technologies such as encryption, tokenization, deidentification, and data loss protection;
- Strong related experience in developing security procedures;
- Selecting/implementing automated management/administration tools;
- Strong planning and organizing skills and able to delegate and manage the work of internal and external personnel;
- Strong problem analysis skills, be decisive and flexible; and,
- Excellent oral and written communications skills.
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Hire Range Disclaimer
Actual salary will be based on relevant job experience and work history.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Please apply before: 2.13.21
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship