Home / Job Search / Director, Security Engineering

Director, Security Engineering

Job ID: 14288

Job Function: Information Technology

Location: Washington, DC, United States

Campus: DC-Washington-Portals

Career Band: BDC

Status: Full-Time

Resp & Qualifications

PURPOSE:
This position is responsible for all aspects of Security Engineering. This includes:
• Focusing on user and customer facing security related issues.
• Developing the strategy, staffing the Security Engineering organization and developing corporate wide policies to assure the integrity, availability, maintainability, and confidentiality of information and the production environment.
• Response and management action plans for all security engineering , technical, business continuity, and audit issues.
• Managing identity, access management, data, and application security engineering & development efforts..
• Conducting and reporting on formal risk analysis and periodic assessments..
• Direct periodic information security capability reviews
• Security awareness training on a regular basis
• Monitor compliance with regulatory requirements and guidelines
• Inform CISO of progress and activities concerning the development and maintenance of the Information Security Program
• Recommend timely and effective improvements to information security processes and procedures

PRINCIPAL ACCOUNTABILITIES:
Under the direction of the CISO, the incumbent’s accountabilities include, but are not limited to, the following:

Duties and Responsibilities

Directs the implementation of security controls abd development of policies, processes and procedures for protection of information assets and the production environment. This includes providing access to corporate systems and data bases, security systems implementation, and security architecture to combat existing and future threats while enabling business processes.
Work with CAAS to remediate negative audit findings, identify proactive measures available before audits occur and compose responses and Management Action Plans for IS audit issues. Monitor compliance with regulatory requirements and guidelines (HIPPA/HCFA/DHHS).
Directs security engineering planning as well as implementation strategies. Development of solutions,policies, processes and procedures regarding technical security controls and infromation security strategic plan.
Recruits and evaluates performance of each team member, generates associate development plans and sets goals within the context of the corporate policy. Must also motivate, coach, counsel and develop team members who safeguard the company’s intellectual property and information within the context of the corporate policies and manages the team’s budget. Ensures that staff has appropriate tools and training.
Provides response and management action plans for the resolution of all security controlaudit issues.
Provides support to the CISO as required for research and special projects.
Maintain both manager and technical personal skillset through training, industry conferences, etc.

QUALIFICATION REQUIREMENTS:

Required:
This position requires a BS or equivalent technical training in IT/Information Security and at least 15 years experience in the IT industry. The position requires an extensive knowledge in information security, project management and a familiarity with networking, databases, systems operations and applications. This position requires strong strategic and tactical planning, organizing and controlling skills and must be able to delegate and manage the work of internal and external personnel. The incumbent must also possess strong problem analysis skills and be decisive as well as flexible. Excellent oral and written communications skills are essential.

Preferred Certifications:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Manager (CISM)
• Network Security (GIAC, CCNA, CCSP, CCIE, etc.
• Database Security (OCPDBA, MCDBA, CDBADB2, etc.)
• Operating System Security (SCSA, MCSA/MCSE: Security, etc.)
• Infrastructure Security (IAM, IEM, CCIP, etc.)

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply: www.carefirst.com/careers

Closing Date

Please apply before: 2.13.21

Federal Disc/Physical Demand

Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

Apply

Connect with us:

Serving Maryland, the District of Columbia and portions of Virginia, CareFirst BlueCross BlueShield is the shared business name of CareFirst of Maryland, Inc. and Group Hospitalization and Medical Services, Inc. In the District of Columbia and Maryland, CareFirst MedPlus is the business name of First Care, Inc. In Virginia, CareFirst MedPlus is the business name of First Care, Inc. of Maryland (Used in VA By: First Care, Inc.).

First Care, Inc., CareFirst of Maryland, Inc., Group Hospitalization and Medical Services, Inc., CareFirst BlueChoice, Inc. and The Dental Network are independent licensees of the Blue Cross and Blue Shield Association. The Blue Cross and Blue Shield Names and Symbols are registered trademarks of the Blue Cross and Blue Shield Association.

CareFirst of Maryland, Inc. and The Dental Network underwrite products in Maryland only.

Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. To comply with this law, CareFirst must collect information regarding an employee’s identity and employment eligibility and document that information on a document referred to as Form I-9, Employment Eligibility Verification, no later than three business days from when the employee begins work for pay. If you are hired, you will be required to provide certain information on the form necessary to establish your identity and eligibility to work in the United States and certain required supporting documents.

If you experience any technical difficulties during this process, please send an email detailing the specific problem you are having to [email protected] and we will respond as soon as possible.

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c) If you believe that you have experienced discrimination, contact OFCCP at 800-397-6251 (TTY 877-889-5627) or www.dol.gov/ofccp.

Director, Security Engineering

Related Careers

Manager, Data Security Engineering and Development

Senior Cyber Security Specialist

Manager, Data Security Engineering and Development

Cyber Operations Manager

Specialist, Cyber Security Sr. (SailPoint - IdentityNow)

Enterprise Architect III

Senior Requirements Analyst

Information Security Consultant (PKI/HSM)

Product Manager

Lead Healthcare Insurance Business/Requirements Analyst

About Us

Careers

Legal & Mandates

Media

Other Information

Language Assistance Available