Senior Cyber Security Engineer
This job is no longer active.
View similar jobs.
POST DATE 8/18/2016
END DATE 10/16/2016
Blue Cross and Blue Shield of North Carolina
JOB DESCRIPTIONAPPLY JOB DESCRIPTION
Handles more complex design, evalutation and testing of the security of systems to ensure that the systems and data integrity of the organization is being maintained and protected against the latest cyber threats.
* Provide high level technical input into the design, deployment and operation of global IT Security management software and hardware devices including, but not limited to: AntiVirus defense, Intrusion Detection, encryption systems, authentication and access control systems, network scanning and vulnerability assessment, etc.
* Serve as an Incident leader on IT Security incident response team to handle incident investigations. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents.
* Maintain awareness of new and emerging cyber attack threats with potential to harm company systems and networks.
* Devise and implement countermeasures to mitigate potential security threats, especially those that are more complex and far reaching.
* Proactively identify vulnerabilities that are applicable to systems and applications, determine their severity and urgency, work with the system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective.
* Coordinate security assessments/reviews /audits of systems including applications, servers, firewalls, remote access logs, web and email filters.
* Review more complex existing applications periodically and new applications prior to installation to ensure that the applications adhere to security policies. Perform detailed risk analysis assessment of applications, networks and systems.
* Review and analyze security and privacy exceptions. Work with business partners to resolve security and privacy exceptions
* Perform, review, and analyze system compliance monitoring / reporting.
* Perform more complex network vulnerability / penetration testing and information security forensics investigations.
* Develop, revise and maintain Standard Operating Procedures and Working Instructions related to IT Security.
* Bachelor s degree and 5 years of information security engineering experience.
* In lieu of degree, 6 years of information security engineering experience.
* Proficient technical security systems and safeguard knowledge use in a complex system infrastructure including: firewall technologies , encryption based security safeguards and standards, major operating system security configurations data and network encryption technologies and products.
* Security technical expertise in one or more of distributed, mainframe, and midrange host environments Knowledge of Network security understanding in a multi-protocol LAN/WAN environment including TCP/IP, IPSEC, SSL and HTTP.
* Understanding of host and network intrusion detection, and monitoring systems and methodologies.
* Bachelor s degree in Computer Security, Computer Science, or Engineering.
* Knowledge of Identity Management solutions
* Informal mentoring skills.
* Strong consulting skillset with ability to provide appropriate direction to other IT groups on security matters.
* Demonstrated initiative to learn new technologies.
* Excellent analytical and problem-solving skills.
* Proven ability to present and discuss complex technical information to users with varying technical expertise.
* Must be detail-oriented with a focus on accuracy.
* Excellent written and verbal communication skills.
* Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.
* Excellent customer focus and the ability to manage customer expectations.
* Demonstrated commitment to and leadership of continuous process improvement.
* Proven ability to work effectively in emergencies while handling multiple priorities.
* Professional and/or technical certification in Information Security is desirable (i.e. CISSP, CISM, CISA, Security+, ISO, SANS certifications)..