This position is responsible for developing, evaluating and managing systems security across the enterprise. Areas of concentration include policy management, awareness, training and metrics. Requires knowledge of systems administration and security tools, combined with the knowledge of security practices and procedures. Leads the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. Works with technical SMEs and management to enforce security policies and procedures by administering and monitoring security profiles, reviewing security violation reports and investigating possible security exceptions, and maintaining and updating documented security controls. Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff information security related issues. Educates users on systems security standards and procedures. Must have knowledge and experience with various security domains.
1) Bachelor's Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience.
2) 7 years of combined IT and security work experience with an emphasis on information security policy development and
enforcement, as well as experience understanding various information security regulations.
3) Excellent written and verbal communication skills; ability to communicate with all levels of the organization across IT and
4) Ability to translate technical language into business requirements and vice versa
5) Anticipates internal and or external business challenges and/or regulatory issues; recommends process, product or service
6) Solves unique and complex problems that have a broad impact on the business
7) Contributes to the development of functional strategy
8) Leads project teams to achieve milestones and objectives
PREFERRED JOB SKILLS REQUIREMENTS:
1) Experience across information security domains
2) Ability to create and maintain usable information security policies, procedures & standards
3) Applicable security certification, such as CISSP or CISA
Blue Cross Blue Shield of Illinois - 24 months ago