|Company||Blue Cross Blue Shield of North Carolina|
|Preferred GIAC Certifications||GSEC, GPPA, GMON, GCIA, GCIH|
|Contact Name||Anthony Roccaro|
Blue Cross NC is looking for a Sr. Cyber Security Engineer to join our already skilled team of security professionals. We are looking for you who have a passion for security and take satisfaction in knowing your work has a positive effect on our customers.
As the Sr. Cyber Security Engineer on our team you will have the opportunity to contribute directly to the current state of Blue Cross NC’s security posture, identifying and responding to security issues and addressing potential risks through the implementation of new security operation tools and technology.
When joining the security team at Blue Cross NC you will have the ability to take advantage of our employee networks and company events such as our annual IT Summit.
-Perform the design, deployment and operation of global IT Security management software and hardware devices including, but not limited to: Data Loss Prevention (DLP), Network Access Control (NAC), Antivirus defense (AV) / Endpoint Security, , Security Information and Event Management (SIEM), Network Scanning and Vulnerability Identification.
-Create scripts and develop integrations between security tools to optimize the efficiency of security operations processes.
-Serve as an Incident leader on an IT Security incident response team to handle security investigations. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents.
-Devise and implement countermeasures to mitigate potential security threats, especially those that are more complex and far reaching.
-Maintain awareness of new and emerging cyber attack threats with potential to harm company systems and networks. Proactively identify vulnerabilities that are applicable to systems and applications, determine their severity and urgency, work with the system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective.
Bachelor’s degree and 5 years of strong technical information security engineering experience, including the roll out, management, and advanced troubleshooting of network and endpoint security tools.
In lieu of degree, 6 years of information security engineering experience.
Must have strong technical implementation, operation, and maintenance experience for at least two of the following technologies: Data Loss Prevention (DLP), Network Access Control (NAC), Antivirus defense (AV) / Endpoint Security, Security Information and Event Management (SIEM), Network Scanning and Vulnerability identification and remediation.
Strong knowledge of scripting languages (perl, python, bash, etc.) to automate manual processes and improve the efficiency of the security team. Experience designing and implementing the integration of security tools using system API's.
Professional and/or technical certification in Information Security is desirable (i.e. Security+, Network+, CCNA, SANS certifications (GSEC, GPPA, GMON, GCIA, GCIH, etc.), CISSP)
Demonstrated initiative to learn new technologies, a commitment to continuous process improvement, and a strong passion for security.
Informal mentoring skills.