Principal Security Architect

BlueCross BlueShield of Tennessee is hiring a Principal Security Architect. In this critical role, you’ll help drive security architecture across our hybrid environment.

Fostering collaboration across EIT, Information Delivery and external stakeholders, you’ll ensure our designs and implementations are meeting BCBST security standards and keeping risk mitigation top of mind. This is a unique opportunity to bolster cloud security, influence AI adoption and reduce risk across the enterprise, safeguarding the 3.4 million members and communities we serve

Our ideal candidates will bring:

• Production experience in healthcare, hospital systems, payor systems, and/or other regulatory environments

• Excitement around and (experience with securing) AI platforms like Vertex (or similar Generative AI cloud platforms).

• Experience using threat modeling to identify the security patterns or controls needed in a solution design

Note:

• While this is a fully remote role, final onsite interviews at our Chattanooga, Tennessee headquarters will be required.

• Sponsorship is not available for this role.

Job Responsibilities

• Develop, maintain and communicate policies, standards and procedures to manage security functions relative to information technology systems (including systems under development), networks, applications, and voice and data communications that are consistent with applicable regulatory and compliance requirements.
• Defines and develops security requirements using risk assessments, threat modeling, testing and analysis of existing systems.
• Review system security measures and identity strengths, weaknesses and vulnerabilities in existing systems and plan to implement design and architectural changes to protect existing infrastructure and to incorporate future solutions.
• Partners with stakeholders to provide risk-based guidance and encourage the adoption of security-compatible system design.
• Cultivates a culture of security awareness and promotes continues education of personnel to ensure adherence to security policies and compliance requirements.
• Tracks emerging security practices, standards, and keeps abreast of cyber threat information with actionable information influencing security architecture and design
• Provide subject matter expertise on a broad range of information security standards and best practices, such as NIST, PCI, ISO 27001, MAR and others as applicable.
• Work with Enterprise Architecture team, Information Security team, and appropriate stakeholders to prepare and present relevant information on security status as required.

Job Qualifications
Education

• Bachelor’s Degree in Business, Computer Science or equivalent work experience required. Equivalent years of experience are determined as one year of technical experience for every year of college requested.

Experience

• 7 years - Experience as an individual contributor leading a team in the design and implementation of one or more of the following: application and integration, data, technology and/or security architecture required.
• Experience reviewing vendors and products, making sure they align with organizational security policies and standards
• Experience using threat modeling to identify the security patterns or controls needed in a solution design
• Extensive experience in information security and/or other IT role with a focus on security, performance and reliability

Skills\Certifications

• Information Security certifications such as the Certified Information Systems Security Professional Certification (CISSP) or Certified Information Security Manager Certification (CISM) is preferred for this position
• Advanced understanding of security protocols, cryptography, authentication, authorization, system and data security.
• Working knowledge of current IT risks and experience implementing security solutions for on-premises and cloud solutions
• Excellent oral and written communication skills as well as business acumen to communicate details about security infrastructure, policies, and practices to technical and nontechnical colleagues
• Strong interpersonal and organizational skills
• Ability to manage multiple projects and priorities
• Ability to act as a mentor
• Ability to work independently with minimal supervision or function in a team environment, sharing responsibilities, roles, and accountability
• Ability to collaborate with a cross-functional teams to explain and enforce security measures
• Ability to apply security concepts and controls to adapt to organizations’ needs and goals
   

Number of Openings Available

1

Worker Type:

Employee

Company:

BCBST BlueCross BlueShield of Tennessee, Inc.

Applying for this job indicates your acknowledgement and understanding of the following statements:

BCBST will recruit, hire, train and promote individuals in all job classifications without regard to race, religion, color, age, sex, national origin, citizenship, pregnancy, veteran status, sexual orientation, physical or mental disability, gender identity, or any other characteristic protected by applicable law.

Further information regarding BCBST's EEO Policies/Notices may be found by reviewing the following page:

BCBST's EEO Policies/Notices

BlueCross BlueShield of Tennessee is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at BlueCross BlueShield of Tennessee via-email, the Internet or any other method without a valid, written Direct Placement Agreement in place for this position from BlueCross BlueShield of Tennessee HR/Talent Acquisition will not be considered. No fee will be paid in the event the applicant is hired by BlueCross BlueShield of Tennessee as a result of the referral or through other means.