|Company||Blue Cross Blue Shield of North Carolina|
|Preferred GIAC Certifications||GSEC, GPPA, GMON, GCIA, GCIH|
|Contact Name||Matthew Avery|
Leads and coordinates the design, deployment and operation of global IT Security management software and hardware devices to ensure that the systems and data integrity of the organization is being maintained and protected against the latest cyber threats.
- Lead the design, deployment and operation of global IT Security management software and hardware devices including, but not limited to: Antivirus defense (AV), Intrusion Detection (IDP/IPS), Network Access Control (NAC), Data Loss Prevention (DLP), and Network Scanning and Vulnerability Identification, etc.
Serve as an Incident leader on IT Security incident response team to handle more complex incident investigations. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents.
- Lead the design and implementation of countermeasures to mitigate potential security threats, especially those that are more complex and far reaching.
- Proactively identify vulnerabilities that are applicable to systems and applications, determine their severity and urgency, work with the system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective.
- Oversee and lead work related to security assessments/reviews/audits of systems including applications, servers, firewalls, remote access logs, web and email filters.
- Lead the review and analysis of security and privacy exceptions. Proactively consult with business partners to resolve security and privacy exceptions.
- Lead work related to review and analysis of complex system compliance monitoring / reporting.
- Independently perform highly complex network vulnerability and information security forensics investigations, often as part of incident response actions.
- Oversee the development, revision, and maintenance of Standard Operating Procedures and Working Instructions related to IT Security.
- Provide informal work coordination and leadership/coaching to less experienced security engineering staff.