CareFirst Careers

Lead Cyber SecuritySpecialist - ISIM / ISAM

Resp & Qualifications


Under the supervision of the Manager Identity Engineering & Development, the incumbent’s accountabilities include, but are not limited to the following:

•Leads Enterprise Identity and Access Management (EIAM) systems, including IBM Webseal, IBM Security Access Manager, IBM Federated Identity Manager, IBM Security Identity Manager, IBM Directory Integrator and IBM Directory Server. Develops scripts for bulk or automated modifications to LDAP objects; implement appropriate protection for  EIAM systems, develop and maintain documentation on ACLs, structure, schemas, etc.; coordination with support areas for OS and database upgrades/patches for EIAM systems; upgrades and routine maintenance; troubleshooting support; performance monitoring.

•Manage and support the current SailPoint IdentityNow implementation, primarily used internally for provisioning and de-provisioning to LDAP and to Azure. Also work with various application owners to integrate with SailPoint for provisioning and de-provisioning.

•Participates in design efforts for security and EIAM-related portions of new applications along with application development areas; supports EIAM tools; supports troubleshooting application issues related to EIAM; manages vendor relationships for EIAM and other security tools.

•Manages identity provisioning systems for access to various systems; provision IDs for FEPOC associates; managing access, roles, permissions etc. to various systems including windows servers, SharePoint sites, and midrange UNIX servers.

•Participates in research, design, and implementation of solutions involving data encryption, data masking, secure file transfers, data leakage prevention, and privileged identity access management. Support new initiatives related to HIPAA and other mandates.

•Recognized as subject matter expert for certain security-related technologies. May participate in training of new Associates and Contractors on FEPOC security technologies and operating procedures.  Facilitates communication between all key IT groups and the customer community on security-related items. Represents IATS Department and FEPOC and participates in CareFirst, BCBSA, and Local Blue Plan Security endeavors.

This position is subject to a Level 6C security requirement.



•College Degree in an Information Security or Technology related field or equivalent experience plus 8- 10 years related experience.

•The incumbent will possess an extensive knowledge of information security concepts, information security policies and system architecture concepts.

•The incumbent should have a demonstrated ability to work effectively with Information Security tools in a large, complex, multi-platform environment.



•Excellent written, presentation and verbal communication skills.

•Ability to coordinate projects and tasks in line with department and company goals and objectives.

•With oversight by more-senior associates, ability to self-direct and work independently.

•Ability to keep associates motivated and interested in their responsibilities and opportunities.

•Possess good working knowledge and understanding of Java, JavaScript, UNIX, Windows, and Mainframe (TSO, CICS) environments and their related security capabilities and functions.

•Strong analytical / problem solving skills

•Working knowledge of typical application life cycle development processes

•Good understanding of basic networking concepts, firewalls and load balancers.



•In-depth knowledge and proven experience working with IBM Identity and Access Management system and credential stores.

•Working knowledge to be able to support SailPoint IdentityNow.

•Ability to readily understand and apply appropriate policies and procedures.

•Good working knowledge of security related regulations.

•Good working knowledge of web-application attack vectors and work experience implementing security controls for browser-based applications

•Working knowledge of data encryption schemes and experience working with data encryption technologies

•Strong work experience with scripting languages

•Working knowledge of various programming languages preferred; JAVA experience a plus



Department: Identity Engineering & Development.

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Closing Date

Please apply before: 2/21/2021

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

Learn more about Information Technology