CareFirst Careers

Director, Security Engineering

Resp & Qualifications

PURPOSE:
This position is responsible for all aspects of  Security Engineering. This includes:
• Focusing on user and customer facing security related issues.
• Developing the strategy, staffing the Security Engineering organization and developing corporate wide policies to assure the integrity, availability, maintainability, and confidentiality of  information and the production environment.
• Response and management action plans for all security engineering , technical, business continuity, and audit issues.
• Managing identity, access management, data, and application security engineering & development efforts..
• Conducting and reporting on formal risk analysis and periodic assessments..
•  Direct periodic information security capability reviews
•  Security awareness training on a regular basis
•  Monitor compliance with regulatory requirements and guidelines
•  Inform CISO of progress and activities concerning the development and maintenance of the Information Security Program
•  Recommend timely and effective improvements to information security processes and procedures


PRINCIPAL ACCOUNTABILITIES:
Under the direction of the CISO, the incumbent’s accountabilities include, but are not limited to, the following:

Duties and Responsibilities

  • Directs the implementation of security controls abd development of policies, processes and procedures for protection of information assets and the production environment.  This includes providing access to corporate systems and data bases, security systems implementation, and security architecture to combat existing and future threats while enabling business processes. 
  • Work with CAAS to remediate negative audit findings, identify proactive measures available before audits occur and compose responses and Management Action Plans for IS audit issues.  Monitor compliance with regulatory requirements and guidelines (HIPPA/HCFA/DHHS).
  • Directs security engineering  planning as well as implementation strategies. Development of solutions,policies, processes and procedures regarding technical security controls and infromation security  strategic plan. 
  • Recruits and evaluates performance of each team member, generates associate development plans and sets goals within the context of the corporate policy.  Must also motivate, coach, counsel and develop team members who safeguard the company’s intellectual property and information within the context of the corporate policies and manages the team’s budget. Ensures that staff has appropriate tools and training.
  • Provides response and management action plans for the resolution of all security controlaudit issues.
  • Provides support to the CISO as required for research and special projects.
  • Maintain both manager and technical personal skillset through training, industry conferences, etc.


QUALIFICATION REQUIREMENTS:

Required:
This position requires a BS or equivalent technical training in IT/Information Security and at least 15 years experience in the IT industry.   The position requires an extensive knowledge in information security, project management and a familiarity with networking, databases, systems operations and applications.  This position requires strong strategic and tactical planning, organizing and controlling skills and must be able to delegate and manage the work of internal and external personnel.  The incumbent must also possess strong problem analysis skills and be decisive as well as flexible. Excellent oral and written communications skills are essential.

Preferred Certifications:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Manager (CISM)
• Network Security (GIAC, CCNA, CCSP, CCIE, etc.
• Database Security (OCPDBA, MCDBA, CDBADB2, etc.)
• Operating System Security (SCSA, MCSA/MCSE: Security, etc.)
• Infrastructure Security (IAM, IEM, CCIP, etc.)

 

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply: www.carefirst.com/careers

Closing Date

Please apply before: 2.13.21

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

Learn more about Information Technology