CareFirst BlueCross BlueShield

Lead Cyber Security Specialist - 12869

Security Analyst in Owings Mills, MD

Posted 2019-12-02

Under the supervision of the Director, CyberSecurity Monitoring, Digital Forensics and Incident Response (DFIR), the incumbent’s accountabilities include, but are not limited to the following:
Deploy and support systems; security applications and hardware, infrastructure components to protect the security of CareFirst information.
Provide appropriate training to other security specialists and external customers on developed standards, procedures and guidelines.
Implement necessary enhancements/updates/upgrades to existing security products.
Assist in the configuration and installation of security products. Where possible, suggesting and implementing possibilities to automate manual operational activities.
Represent CyberSecurity Monitoring and DFIR in disaster recovery procedures and exercises.
Evaluate emerging technologies in the areas of perimeter security, intrusion prevention and cloud security.
Perform periodic compliance reviews of firewall configurations.
Serve as lead technical coordinator/project lead and as a contributor to cross functional teams for deployment and support of security specific infrastructure.
Provide support and guidance to a team of technically diverse personnel of senior level security specialists and junior level security specialists.
Design, implement, and integrate security solutions to address enterprise risks and exposures.
Design and implement security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure.
Performing security governance through the design and implementation of security policies, procedures, guidelines and standards to maintain the confidentiality, integrity and availability of information systems and data.
Apply technology and processes to ensure the enterprise is protected and secured in the following areas:
Network devices and infrastructure, desktop/mobile devices and remote access to the network,
Information governance to ensure data is managed based on its sensitivity, information security policies, guidelines, and standards.
Provide general support to the CyberSecurity Monitoring and DFIR department in carrying out its’ assigned functions and responsibilities.
Provide off-hours support and problem resolution as directed by departmental requirements, service level agreements and internal support procedures.
Provide assistance with audit issues and concerns affecting the CyberSecurity department
Interact with other Technical and Operation Support Service teams to develop tactical and strategic programs to address processes, controls, organization and infrastructure to manage risk and satisfy directives.
Properly interpret business and technical requirements into security solutions and designs that are consistent with the current security architecture.
Implement and assist in enforcement of company security policies.
Document results of system and application reviews including corrective action taken and security related documentation.
Assist with reviews of current and new CareFirst systems and applications, including changes to existing applications/systems, to assure compliance with Information Security policies and standards.
Apply creative thinking in problem solving and identifying opportunities for improvements in security.
Provide Information Security related recommendations regarding CareFirst infrastructure components (communications network, physical security, data access, computer hardware/software and data confidentiality, integrity, and availability).
Work with intra/interdepartmental technical and business personnel in a dynamic and varying environment.
Collaborate with other Security specialists, designers, developers, and architects.
Work with other technical teams in the organization such as IT Operations and IT Applications.
Share ideas, discuss alternatives, and seek input. Suggest means to decrease vulnerability of systems, applications and processes.
Maintain familiarity with state of the art concepts, procedures, software and techniques in Security in order to be able to effectively assess and develop the CareFirst Information Security environment.


Required: College Degree in an Information Security or Technology related field or equivalent experience plus 7+ years related work experience. The incumbent will possess a high level of expertise in information security concepts, information security policies and system architecture concepts and have experience in process definition, workflow design, and process mapping. In depth understanding in multiple areas of Information Security such as networking (TCP/IP, OSI model, network protocols), operating system fundamentals (Windows, Linux), security technologies (firewalls, switches, routers, IPSEC, IDS/IPS, etc.), authentication technologies, (TACACS, RADIUS, etc.), encryption key management, and mobile device technologies. Also, must have knowledge of incident response, security policy creation, enterprise security strategies, and governance.
The incumbent must have an ability to quickly and effectively learn Information Security tools in a large, complex multi-platform environment.

Abilities/Skills (candidate should posses most of these):
Ability to identify and resolve complex issues and develop security solutions to meet CareFirst’s business and technology goals.
Strong written documentation skills and technical writing are required.
Excellent presentation and verbal communication skills.
Ability to effectively complete tasks with a minimal level of supervision.
Strong computer skills, including knowledge of Microsoft Windows, various e-mail systems (Lotus Notes, Microsoft Exchange) and unified communication systems (Office Communication Server).
Possess broad understanding of the following systems/skill sets:
System hardening concepts and techniques
Firewalls: Palo Alto Networks, Checkpoint, Juniper or Cisco
Network and remote access controls
Advanced routing protocols such as BGP
Exposure to one or more cloud environments - AWS or Azure
Cloud security methodologies and technologies
Threat / Intrusion Prevention technologies
Professional certification such as CISSP, CISM (lead level only)
Specific knowledge of the CareFirst corporate structure.
An understanding of the relationships among various units within the corporation.
Ability to understand and apply appropriate polices and procedures.
Basic understanding of SIEM tools and system log analysis.
Knowledge of ethical hacking techniques and counter attack methodologies.
Familiarity with penetration testing tools
Experience with Bro, Zeek, SNORT or Surricata
Familiarity with scripting and/or automation technologies such as Python and Ansible are highly desirable
Experience working with Information Security tools in a large, complex, multi-platform environment.

Ready to be seen?

Apply now to have the opportunity to be considered for similar jobs at leading companies in the Seen network for FREE.

Be seen in a new Security Analyst job

Skip the search

Zero stress and one profile that can connect you directly to 1000s of companies.

Best-fit jobs—for you

We’ll take it from there. After you tell us what you’re looking for, we’ll show you off to matches.

Free Career Coaching

Boost your interview skills, map your tech career and seal the deal with 1:1 career coaching.

You get tech. We get you.

Join now and be seen.