Senior Cloud Security Engineer

This position is responsible for securing BCBST technology assets and the environments in which those assets function and exist. This role will support the execution of specific cyber security projects as assigned. Responsibilities include solution implementation and support of new security solutions, identifying security gaps, developing project plans to implement & maintain controls for BCBST technology. The Senior Cloud Cyber Security Engineer will be a subject matter expert in at least three of the following areas: cloud security (GCP, Azure, AWS), network security, application security, or data security.

Job Description:

Job Responsibilities

• Ensures system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening.
• Ensures and anticipates Application, Cloud, and Platform security integrations with core security technologies.
• Collaborates with the technical teams to ensure that the results of projects fully satisfy the needs embodied in the requirements.
• Act as technical expert and assess potential systems and process vulnerabilities to determine security infrastructure and cloud requirements.
• Ensure compliance with regulations and privacy laws.
• Security automation for testing, identity, cloud, and secure configuration baseline monitoring.
• Providing technical support on information security policies, principles, standards, and procedures.
• Demonstrated ability to lead, document, and meet deadlines for projects from milestones to tasks and identify ownership per project with implementation knowledge and expectations.
• Comprehensive experience configuring and leveraging SSO and step-up authentication to support authorization, including federation services.
• Recommends/designs cloud services and tools for systems which meet business needs and considers target environment, performance, security requirements and costs.
• Work with architecture and development teams to provide guidance for new system designs and determine if on premise or cloud environments are best suited to run the workload.

Job Qualifications

Education

• Bachelor's Degree or equivalent work experience required. Equivalent experience is defined as 4 years of professional work experience in a corporate environment.

Experience

• 5 years - Cloud Infrastructure and Software Engineering experience.
• Experience with enterprise network design including segmentation models, encryption, logging and monitoring.
• Experience with firewalls, network authentication controls, and Linux/Windows operating systems.
• Experience with logging and monitoring tools such as Splunk, New Relic, Logstash, Logscale, CloudTrail.

Skills/Certifications

• Proficient in Microsoft Office (Outlook, Word, Excel and PowerPoint).
• Proven analytical and problem-solving skills and ability to perform non-routine analytical tasks.
• Proven ability to provide Security integration, automation, and configuration efforts with Security oversight for software in the BCBST environment.
• Proven ability to determine Technical Security Baselines and ensure the baselines meet BCBST Policy and Standards.
• Proficient understanding of troubleshooting approaches, including knowledge of underlying security tools, networking, server, application, and cloud environments.
• Deep understanding of Azure and/or GCP experience is required.
• Strong knowledge of various aspects of CI/CD practices: Infrastructure
• Automation, Application Build and Deployment Automation using various leading tools.
• Understanding of Docker/Kubernetes for managing container-based images and their deployment via Kubernetes based services
• Knowledge and experience of Terraform/Ansible, GIT based products (GitHub, Bitbucket), Azure DevOps/Jenkins, etc., for building pipeline.
• Understanding of cloud security architectures for cloud/hybrid systems.
• Well-developed understanding of APIs, databases, and file connections for application connections.
• Proven ability to plan, prioritize, organize, configure, and coordinate across multiple applications and systems.
• Ability to work independently with minimal supervision or function in a team environment sharing responsibility, roles, and accountability.
• Preferred CISSP, CISA, CRISC, or SANS certification.

Job Specific Requirements:

Preferred Skills:

Number of Openings Available:

1

Worker Type:

Employee

Worker Sub-Type:

Employee

Company:

BCBST BlueCross BlueShield of Tennessee, Inc.

Applying for this job indicates your acknowledgement and understanding of the following statements:

BCBST is an Equal Opportunity employer (EEO), and all employees and applicants will be entitled to equal employment opportunities when employment decisions are made. BCBST will take affirmative action to recruit, hire, train and promote individuals in all job classifications without regard to race, religion, color, age, sex, national origin, citizenship, pregnancy, veteran status, sexual orientation, physical or mental disability, gender identity, or any other characteristic protected by applicable law.

Further information regarding BCBST's EEO Policies/Notices may be found by reviewing the following page:

BCBST's EEO Policies/Notices (~~~)

BlueCross BlueShield of Tennessee is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at BlueCross BlueShield of Tennessee via-email, the Internet or any other method without a valid, written Direct Placement Agreement in place for this position from BlueCross BlueShield of Tennessee HR/Talent Acquisition will not be considered. No fee will be paid in the event the applicant is hired by BlueCross BlueShield of Tennessee as a result of the referral or through other means.

Tobacco-Free Hiring Statement

To further our mission of peace of mind through better health, effective 2017, BlueCross BlueShield of Tennessee and its subsidiaries no longer hire individuals who use tobacco or nicotine products (including but not limited to cigarettes, cigars, pipe tobacco, snuff, chewing tobacco, gum, patch, lozenges and electronic or smokeless cigarettes) in any form in Tennessee and where state law permits. A tobacco or nicotine free hiring practice is part of an effort to combat serious diseases, as well as to promote health and wellness for our employees and our community. All offers of employment will be contingent upon passing a background check which includes an illegal drug and tobacco/nicotine test. An individual whose post offer screening result is positive for illegal drugs or tobacco/nicotineand/or whose background check is verified to be unsatisfactory, will be disqualified from employment, the job offer will be withdrawn, and they may be disqualified from applying for employment for six (6) months from the date of the post offer screening results.

Resources to help individuals discontinue the use of tobacco/nicotine products include ~~~ or 1-800-QUIT-NOW.

About Us

As Tennessee's largest health benefit plan company, we've been helping Tennesseans find their own unique paths to good health for over 65 years. More than that, we're your neighbors and friends - fellow Tennesseans with deep roots of caring tradition, a focused approach to physical, financial and community good health for today, and a bright outlook for an even healthier tomorrow.