IS Security Risk Cloud Analyst III

Summary

Job Description Summary

Why should you join the BlueCross BlueShield of South Carolina family of companies? Other companies come and go, but for more than seven decades we've been part of the national landscape, with our roots firmly embedded in the South Carolina community. We are the largest insurance company in South Carolina … and much more. We are one of the nation's leading administrators of government contracts. We operate one of the most sophisticated data processing centers in the Southeast. We also have a diverse family of subsidiary companies that allows us to build on a variety of business strengths. We deliver outstanding service to our customers. If you are dedicated to the same philosophy, consider joining our team!

Description

Position Purpose:

If you have any experience providing Cloud support, this position may be for you! We are looking for someone who can do the following:

• Provide guidance and support to both I/S and customer areas regarding secure maintenance of deployed cloud services.

• Assist I/S and customer areas by translating technical security guidance and compliance controls into measurable remediation activities.

• Monitor cloud compliance posture, distribute trending, and manage escalations across all echelons as needed.

• Support audit activities related to security and compliance of deployed cloud solutions and authorized SaaS products.

What You'll Do:

• Independently monitor remediation of new and outstanding issues, including Information Security Risk Exception process, to ensure identification of areas of non-compliance. Utilize tools to track and report on compliance posture.

• Independently conduct formal risk analysis and self-assessments to determine effectiveness of controls and ensure creation of action plans to remediate identified risks..

• Facilitate development, implementation and documentation of Information Security policies, procedures, processes and programs to guide organization toward continuous compliance. Independently analyze and interpret security regulations and controls to advise on security compliance at a broad perspective across multiple business areas. Consult on organizational impacts of compliance and risk management decisions.

• Serve as an interface with external entities for governance and compliance reviews regarding information security risk across multiple business areas and controls.

• Independently investigate, document and resolve Information Security Incidents. Advise senior management of critical issues that may affect organization.

• Research emerging security topics, threats and capabilities to create/update policy and governance. Promote organizational security awareness by developing security training, Security Council bulletins, security policies, standards and best practices.

To Qualify for This Position, You'll Need:

Required Education:

• Bachelor's in a job related field OR,
• 4 years job related work experience OR,
• Associate's and 2 years job related work experience

Required Work Experience:

• 6 years of I/T experience including 4 years of IT security, risk assessment and/or compliance experience. OR,
• Successful completion of BCBSSC I/S Entry Level Training Program (ELTP) may be substituted for 2 years of I/T experience.

Required Skills and Abilities:

• Good understanding of Systems Development Life Cycle methodologies.

Subject Matter Expert in government or private risk frameworks and control implementations.

• Good understanding of risk management, information system security and compliance standards.

• Excellent analytical and decision-making skills.

• Proven ability to interpret and apply knowledge of regulatory/accreditation requirements.

• Ability to independently solve problems often spanning multiple environments and business areas.

• Ability to effect change and bring security, risk and compliance knowledge to the organization through the use of positive influence.

• Understanding of infrastructure and networking architecture WANs, LANs, Internet, intranets and communication protocols.

• Strong communication skills in presenting results both verbally and in writing.

• Possess excellent collaboration skills with a wide variety of internal matrix and management staff.

• Basic understanding of System Development Life Cycle methodologies.

Required Software and Other Tools: Standard office equipment.

We Prefer That You Have:

• (ISC)2 CCSP (Certified Cloud Security Professional) OR,
• CSA CCSK (Cloud Security Alliance - Certificate of Cloud Security Knowledge) OR,
• GIAC GCSA (Cloud Security Automation) OR,
• CompTIA Cloud+ OR,
• AWS Certified Security OR,
• Microsoft Azure Security Engineer (Associate)

Work Environment: Fast paced, multi-platformed environment which may require action and response 24X7 to support the technical business needs of the customer.

What We Can Do For You:

We understand the value of a diverse and inclusive workplace and strive to be an employer where employees across all spectrums have access and opportunity to develop their skills, advance their careers and contribute their unique abilities to the growth of our company.

Our comprehensive benefits package includes:

• 401(k) retirement savings plan with company match

• Subsidized health plans and free vision coverage

• Life insurance

• Paid annual leave - the longer you work here, the more you earn

• Nine paid holidays

• On-site cafeterias and fitness centers in major locations

• Wellness programs and a healthy lifestyle premium discount

• Tuition assistance

• Service recognition

What to Expect Next:

After submitting your application, our recruiting team members will review your resume to ensure you meet the qualifications. This may include a brief telephone interview or email communication with our recruiter to verify resume specifics and salary requirements. Management will be conducting interviews with those candidates who qualify with prioritization given to those candidates who demonstrate the preferred qualifications.

We participate in E-Verify and comply with the Pay Transparency Nondiscrimination Provision. We are an Equal Opportunity Employer.

Some states have required notifications. Here's more information.

Equal Employment Opportunity Statement

BlueCross BlueShield of South Carolina and our subsidiary companies maintain a continuing policy of nondiscrimination in employment to promote employment opportunities for persons regardless of age, race, color, national origin, sex, religion, veteran status, disability, weight, sexual orientation, gender identity, genetic information or any other legally protected status. Additionally, as a federal contractor, the company maintains Affirmative Action programs to promote employment opportunities for minorities, females, disabled individuals and veterans. It is our policy to provide equal opportunities in all phases of the employment process and to comply with applicable federal, state and local laws and regulations.

We are committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities.

If you need special assistance or an accommodation while seeking employment, please e-mail mycareer.help@bcbssc.com or call 1-800-288-2227, ext. 47480 with the nature of your request. We will make a determination regarding your request for reasonable accommodation on a case-by-case basis.