BlueCross BlueShield of Western New York

About BlueCross BlueShield of Western New York

 

Job Category:

Information Technology

Country:

United States

Postal Code:

14201

Approximate Salary:

Not Specified

Position Type:

Full Time

Cybersecurity Architect

Posted: 08/24/2018

Auto req ID 1955BR Company BlueCross BlueShield of WNY About Us BlueCross BlueShield of Western New York is a division of HealthNow New York Inc., one of New York’s leading health care companies that provides access to quality health care and solutions for members throughout Upstate New York. Since 1936, BlueCross BlueShield has helped millions of people gain access to health care. Headquartered in Buffalo, NY, the company is an independent Licensee of the BlueCross BlueShield Association. As the region’s leading health plan, serving over 800,000 members, BlueCross BlueShield believes in taking small steps towards healthier living. You can visit our website at www.bcbswny.com. Title Cybersecurity Architect Position Posting Location Buffalo Status Full Time Regular Hours 80 Job Description Develops and implements information security architecture and technology solutions to address the current and emerging information security and compliance requirements of the organization. This includes leading the problem analysis, solutions development, implementation, and decision making that significantly impacts enterprise-wide initiatives. Performs project management activities for multiple information security projects; gap analysis, vendor product evaluations, current systems maintenance, and new system implementations. The incumbent will be responsible for future and target state architecture design for cybersecurity capabilities. Responsible for development of strategies and strategic roadmaps for cybersecurity domains to attain target state architecture incorporating trends in technological advancements and emerging threats. This position will also ensure cross domain architectural planning with enterprise-wide initiatives. Primary Responsibility • Reviews existing security architecture, identifies design gaps, and recommends security enhancements
• Stays abreast of current and emerging security threats and designs security architecture to mitigate them
• Stays abreast of emerging security technologies and integrates them into security architecture as needed
• Ensures alignment between security architecture frameworks and standards and overall business strategy
• Serves as an information security expert and trusted adviser to partners in technical and non-technical business units
• Achieves security architecture compliance on requirements, including but not limited to: payment card industry standards, HIPAA/HITECH, HITRUST, global data privacy requirements, as well as state and federal regulations
• Leads, mentors and collaboratively supports the outcomes of Enterprise Information Assurance staff. Develops and maintains cybersecurity standards to meet compliance requirements and to ensure effective management of cyber risks
• Develops and provides strategic blueprints and roadmaps on cybersecurity capabilities to solutions architects
• Represents department in Enterprise initiatives and planning; and assist with technology strategic roadmap development while ensuring cybersecurity capabilities & technical controls are incorporated
• Collaborates and drives key requirements through governance bodies: Architecture Review Board, Technology Review Board, Data Governance and Information Risk Related committees. Strong background in IaaS, PaaS, SaaS architectures with demonstrated experience in supporting design and migration strategies
Knowledge and Skills • An understanding of the impact of emerging business and end-user technologies have on cybersecurity requirements and architecture
• An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
• Working knowledge of TOGAF and SABSA methodologies for creation of baseline and target architectural blueprints. Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Demonstrated technical expertise in existing security and IT systems and an ability to keep pace with changing security and IT technologies
• Strong interpersonal skills, with an emphasis on the ability to effectively influence others
• A team-focused mentality with the proven ability to work effectively with diverse stakeholders. An ability to communicate complex and technical issues to diverse audiences professionally, succinctly, and with poise, orally and in writing, in an easily-understood, authoritative, and actionable manner
• Ability to consult with customers, distill business and technical requirements, serve as an advisor in helping business decision makers manage the risk to an acceptable level
• Good understanding and knowledge of cybersecurity concepts, protocols, processes, architectures, and tools (authentication and access control technologies, intrusion detection, network traffic analysis, SIEM technology, incident handling, media/malware analysis, etc.) is preferred. Experience working with Identity & Access Management platforms/technology is preferred
• Specialized information security experience, insight into effective information security practices, training or certification [CISSP, CISM, or similar] is preferred
• Familiarity with the IT audit process and related standards/regulations such as HIPAA, PCI DSS, ITGC, SOX, or similar is preferred
• Experience with major cloud providers for IaaS; demonstrated knowledge from inception to migration from on Premises to cloud
• Experience with PaaS is desirable
Experience Minimum five years (5) of experience as an information cybersecurity architect, engineer or similar role. Training and certification, or equivalent experience, in one or more leading technologies is preferred. Education Required Education:Bachelors Degree (Computer Science, Information Technology or other health related fields) or an equivalent combination of education and/or relevant experience Certification CISSP or CISM Working Conditions Must be able to work in an office environment Heat, light, air, space and working environment typically found in an office environment Manual Dexterity Req: Eye-hand coordination and manual dexterity sufficient to effectively utilize various office equipment (phone, computer, fax machine, printer, copier, filing cabinet, etc) Mental effort: Adequate to perform essential functions of the job with the type of judgements and responsibilities as indicated in the job description. Lifting - 0% to 5% - Rarely Carrying Physical Effort: Minimum; typical of most office work. Mostly sedentary work. Sitting - 34% to 66% - Frequent Standing - 6% to 33% - Occasional Vision Req: Close vision (clear vision at 20 inches or less) Vision Req: Distance (clear vision at 20 feet or more) Walking - 34% to 66% - Frequent Removal Date 24-Aug-2019

Apply Now