|
|
|
|
Information Security Risk Analyst Job
|
 |
If this is a scam, MLM, or Home Based "Opportunity" then Mark as SPAM
|
 |
Thank you for helping! This job will be reviewed by us shortly. Undo
|
| Employer Name: |
SpiderID: 13307528 |
| Location: San Diego, California |
Date Posted: 3/24/2023 |
| Wage: Negotiable |
Category: Insurance |
| Job Code: 17002DF-2191 |
|
Job Description:
 Looking for a chance to do meaningful work that touches millions? Come join the hardest working, nonprofit health plan in California and help us shape the future of health care. Blue Shield of California's Mission is to ensure all Californians have access to high-quality care at an affordable price. Blue Shield is focused on improving health care delivery by working closely with providers and making it more accessible, affordable and customer-centric. Being a mission-driven organization means we do much more than serve our 4 million members: we were the first health plan in the nation to limit our annual net income to 2 percent of revenue and return the difference to our customers and the community, and since 2005 we have contributed more than $325 million to the Blue Shield of California Foundation to improve community health and end domestic violence. We also believe that a healthier California begins with our employees, so we provide them with resources to develop and maintain a healthy lifestyle through our award-winning wellness program, Wellvolution.
We're hiring smart thinkers and doers who want to work for a leader and innovator in the challenging, ever-changing healthcare space. Come and help us make health care better for everyone.
Description:
Opportunity:
We have an immediate opening for an Information Security Analyst within our IT Security Risk and Governance Team. The Information Security Analyst is responsible for assessing information security risk by evaluating Blue Shield's systems and author information security risk reports to highlight current architecture, mitigations, and cybersecurity risk posture. The analyst will support engineering, architecture and defense management teams by leveraging knowledge of risk assessment tactics, techniques, and procedures and assist stakeholders with guiding programs through the risk assessment process.
The Information Security Analyst provides security consulting support to business and project teams as to risk assessments and security controls, ensure architectural alignment relative to meeting defined security requirements and working to promote business enablement while maintaining an appropriate security posture relative to risk. The Information Security Analyst also works to identify opportunities for standardization of security controls and practices across the enterprise rather than point solutions with the objective of making security, including technologies, processes and people, an intrinsic competency rather than an afterthought in addressing business and IT needs.
Qualifications:
Experience:
- 5+ years of experience with IT, including IT security, risk assessment, or compliance
- Experience with information security concepts and principles and conducting security control assessments
- Knowledge of system security risk management, information system security, and compliance practices
- Ability to lead complex business development activities from a systems security perspective
- Ability to be a subject matter expert in governance frameworks and control implementations
- Ability to identify, document, and define risks and potential impacts through the risk assessment framework using assessment tools and procedures.
- Assess security concerns in the current operating environment against policies, standards, and best practices.
- Create and maintain security assessment documentation.
- Collaborate extensively with distributed workforce and represent the governance organization to meet business objectives.
Education/Requirements: BSc in Computer Science MSc in Computer Science preferred Minimum Experience Level: Minimum: Superior analytical and problem solving skills. Superior computer skills to access data and information and to test systems changes. Superior knowledge of security concepts and principles Superior knowledge of TCP/IP Superior knowledge of UNIX Superior knowledge of Windows servers Superior knowledge of IDS/IPS systems Superior knowledge of Incident Response processes. Superior knowledge of Computer Forensics Superior knowledge of Penetration Testing Superior knowledge of security log analysis Preferred: Extensive experience in managing security engineers in a complex environment. Extensive experience in managing Incident Response teams. Good project management and priority setting skills. Effective presentation skills. Excellent human relations and verbal/written communication skills. Effective negotiation skills. Experience: 12 years minimum; 15 years preferred Certifications/Licenses: CISSP, CISA, CISM
Job Criteria:
Start Date:
Position Type: Full-Time Permanent
Years of Experience Required:
Education Required:
Overnight Travel:
Vacation Time:
Contact Information:
| Contact Name: Blue Shield of California |
Company Type: |
| Company: Blue Shield of California |
|
|
|
| City: |
|
| State: |
|
| Zip: |
|
|
|
|
|
|
|