Posted in Other 30+ days ago.
This job brought to you by America's Job Exchange
Type: Full Time
Location: Durham, North Carolina
We are looking for a Principal Network Security Engineer to join our already skilled team of security experts. We want you to have a real passion for security and apply it to our high-performance culture. We care deeply about the work we do and the impact it has on our customers. You can take happiness in knowing your work has a positive effect on the people of North Carolina.
You ll be a trusted member of a high energy, tight-knit, creative team. As one of our valued members of the team you will lead and coordinate the design, evaluation and testing of the security of systems. It will be your responsibility that the integrity of the organizations data is being maintained and protected against the latest cyber threats.
If you are ready to make a career out of making a difference then you are the person for this team.
* Responsible for technical leadership of the management, design, support, and administration of the Corporate Firewalls, IPS, Proxys and VPN
* Serves as the primary Subject Matter Expert for the design, deployment and operation of global IT Security management software and hardware devices including, but not limited to: AntiVirus defense, Intrusion Detection, encryption systems, authentication and access control systems, network scanning and vulnerability assessment, etc.
* Serve as an Incident leader on IT Security incident response team to handle incident investigations. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents.
* Provide technical thought leadership and mentor less experienced team members in industry and security best practices.
* Serve as the principle technological representative of the team to internal customers and external business partners.
* Maintain awareness of new and emerging cyber attack threats with potential to harm company systems and networks.
* Design, oversee and implement countermeasures to mitigate potential security threats, especially those that are more complex and far reaching.
* Proactively identify vulnerabilities that are applicable to systems and applications, determine their severity and urgency, work with the system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective.
* Lead and coordinate security assessments/reviews /audits of systems including applications, servers, firewalls, remote access logs, web and email filters.
* Review more complex existing applications periodically and new applications prior to installation to ensure that the applications adhere to security policies. Perform detailed risk analysis assessment of applications, networks and systems.
* Review and analyze security and privacy exceptions. Work with business partners to resolve security and privacy exceptions
* Perform, review, and analyze system compliance monitoring / reporting.
* Perform more complex network vulnerability / penetration testing and information security forensics investigations.
* Develop, revise and maintain Standard Operating Procedures and Working Instructions related to IT Security.
* Bachelor s degree and 7 years of information security engineering experience.
* In lieu of degree, 8 years of information security engineering experience.
* Expertise in broad based technical security systems and safeguard knowledge with specialization in either Threat and Vulnerability Management or Identity Access Management.
* Bachelor s degree in Computer Security, Computer Science, or Engineering.
* Proven informal leadership, coaching and mentoring skills.
* Strong work coordination, project management and planning skills.
* Exceptional consulting skillset with ability to provide appropriate direction to other IT groups and executives on security matters.
* Demonstrated initiative to learn new technologies.
* Exceptional analytical and problem-solving skills.
* Proven ability to present and discuss highly complex technical information to users with varying technical expertise.
* Must be detail-oriented with a focus on accuracy.
* Excellent written and verbal communication skills.
* Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.
* Superior customer focus and the ability to manage customer expectations.
* Demonstrated commitment to and leadership of continuous process improvement.
* Proven ability to work effectively in emergencies while handling multiple priorities.
* Professional and/or technical certification in Information Security is desirable (i.e. CISSP, CISM, CISA, Security+, ISO, SANS certifications).
Blue Cross and Blue Shield of North Carolina does not discriminate on the basis of race, color, national origin, sex, age or disability in its health programs and activities.