Blue Cross Blue Shield of Arizona is a local, independent and not-for-profit health insurance company headquartered in Phoenix. Founded in 1939, the company has more than 1,300 dedicated employees throughout its Phoenix, Tucson, Chandler and Flagstaff offices. Providing health insurance products, services and networks to more than 1 million Arizonans, Blue Cross Blue Shield of Arizona offers various health plans for individuals, families, and small and large businesses. Blue Cross Blue Shield of Arizona also offers Medicare supplement plans to individuals over age 65.
Blue Cross Blue Shield of Arizona helps to fulfill its mission of improving the quality of life of Arizonans by delivering a variety of health insurance products and services to meet the diverse needs of individuals, families, and small and large businesses as well as providing information and tools to help individuals make better health decisions.
Under minimal supervision, performs the implementation and administration of information security policies, practices and procedures on systems vital to the company. Serves at the Information Security Architect in system design and review. Assistance in the performance of access control and maintenance of user security profiles, conducts audit reviews of security logs and user permissions, develops security documentation and processes and manages the information security infrastructure such as security administration software, intrusion detection and prevention systems and information security monitoring.
-Consults project teams on simple and complex projects integrating the information security process in system design.
-Researches and consults infrastructure on network security design and best practices.
-Analyze and perform information security risk assessments on new systems and upgrades to determine impact to information security.
-Executes the Business Associate Risk Assessment (BARA) methodology.
-Participates in on-site business associate security assessments that may require travel.
-Weigh business needs against security concerns and articulate risks to management.
-Provide subject matter expertise to business and project teams to define security policy and technical requirements.
-Assist workforce members with security related questions or problems.
-Assists in keeping the Information Security Services SharePoint site updated.
-Maintains user profiles for all Information Security Services-controlled applications/systems.
-Utilize security administration documentation and processes.
-Participate in the departmental on-call rotation.
-Coordinate access controls requests.
-Coordinates approvals for special access requests.
-Reviews and analyzes violation reporting with follow-up as necessary.
-Review and analyze security requests as needed for potential conflicts involving segregation of duties.
-Performs monthly audits of random users¿ system access.
-Author security-related articles.
-Performs special projects as assigned.
-Participates in Quality and corporate task teams as deemed appropriate.
-Monitors anti-virus and anti-malware systems.
-Monitors secure email by pass notifications.
-Runs Internet activity reports as required and prepares reports for management.
-Establishes and removes users¿ Internet access.
-Makes approved changes to network firewall white lists
-Create and update weekly status reports of progress and productivity.
-Educate workforce members on security practices through individual training, Intranet articles, etc.
-Cross train in other information security duties to support the business as needed.
-Demonstrated self starter and proven ability to work independently.
The position requires a full-time work schedule. Full-time is defined as working at least 40 hours per week, plus any additional hours as requested or needed to perform job responsibilities.
Performs all other duties as assigned.
Education and Experience:
-Associates degree in a business discipline, Information Systems, or related computer science and/or an equivalent life work experience.
Knowledge of Microsoft Applications and Suites, Windows Server, and Microsoft SQL databases.
-Knowledge of the use of SharePoint and Web Based Applications.
-4-10 years experience in Information Security, Information Systems Development, or Information Systems Audit fields.
-Experience with ISO 17799, 27001, 27002/BS7799 and COBIT
-Possess a Certified Information Systems Security Professional (CISSP) or agree to pursue and achieve one within 12 months of being placed into this skill level.
-As part of career progression seek and acquire a Certified Information Systems Auditor (CISA), GIAC Security Essentials Certification (GSEC), or equivalent professional certification and agree to maintain the credential(s) as a condition of employment.
-Knowledge of project management concepts
-Demonstrate technical ability and problem solving skills to include metric development and deliverance to senior management.
-Proven ability to write and present information security training documentation
-Demonstrate the ability to stay current on global threats and vulnerabilities.
-Must demonstrate time management skills and the ability to multi-task and work independently while under several competing deadlines and with constant interruption.
-Knowledge of personal computers, network hardware, network topology, and desktop applications.
-The willingness to work nights, weekends, and holidays when called upon.
-Be willing to be on call 24 hours a day, 7 days a week, and 365 days a year.
-Successfully pass drug screening and a complex back ground check
Blue Cross Blue Shield of Arizona does not discriminate in hiring or employment on the basis of race, ethnicity, religion, national origin, sexual orientation, gender, disability, age, covered veteran status or any other protected group.
Thank you for your interest in Blue Cross Blue Shield of Arizona. For more information on our company, see azblue.com.
Blue Cross Blue Shield of Arizona - 19 months ago