Principal Security Architect
Chattanooga, TN, United States
BlueCross BlueShield of Tennessee
BlueCross BlueShield of Tennessee is hiring a Principal Security Architect. In this critical role, you’ll help drive security architecture across our cloud environments. Our ideal candidate will bring Google Cloud Platform subject matter expertise combined with working experience on (and passion around) Generative AI initiatives. Fostering collaboration across EIT, Information Delivery and external stakeholders, you’ll ensure our designs and implementations are meeting BCBST security standards and keep risk mitigation top of mind. Experience with Vertex and/or Gemini is a major plus; production experience in healthcare, hospital systems, payor systems, and/or other regulatory environments also preferred.
Note: Sponsorship is not available for this role.
Job Responsibilities
- Develop, maintain and communicate policies, standards and procedures to manage security functions relative to information technology systems (including systems under development), networks, applications, and voice and data communications that are consistent with applicable regulatory and compliance requirements.
- Defines and develops security requirements using risk assessments, threat modeling, testing and analysis of existing systems.
- Review system security measures and identify strengths, weaknesses and vulnerabilities in existing systems and plan to implement design and architectural changes to protect existing infrastructure and to incorporate future solutions.
- Partners with stakeholders to provide risk-based guidance and encourage the adoption of security-compatible system design.
- Cultivates a culture of security awareness and promotes continuous education of personnel to ensure adherence to security policies and compliance requirements.
- Tracks emerging security practices and standards, and keeps abreast of cyber threat information, with actionable information influencing security architecture and design.
- Provide subject matter expertise on a broad range of information security standards and best practices, such as NIST, PCI, ISO 27001, MAR and others as applicable.
- Work with Enterprise Architecture team, Information Security team, and appropriate stakeholders to prepare and present relevant information on security status as required.
Job Qualifications
Education
- Bachelor’s Degree in Business, Computer Science or equivalent work experience required. Equivalent years of experience are determined as one year of technical experience for every year of college requested.
Experience
- 7 years - Experience as an individual contributor leading a team in the design and implementation of one or more of the following: application and integration, data, technology and/or security architecture required.
- Experience reviewing vendors and products, making sure they align with organizational security policies and standards
- Experience using threat modeling to identify the security patterns or controls needed in a solution design
- Extensive experience in information security and/or other IT role with a focus on security, performance and reliability
Skills/Certifications
- Information Security certifications such as the Certified Information Systems Security Professional Certification (CISSP) or Certified Information Security Manager Certification (CISM) are preferred for this position
- Advanced understanding of security protocols, cryptography, authentication, authorization, system and data security.
- Working knowledge of current IT risks and experience implementing security solutions for on-premises and cloud solutions
- Excellent oral and written communication skills as well as business acumen to communicate details about security infrastructure, policies, and practices to technical and nontechnical colleagues
- Strong interpersonal and organizational skills
- Ability to manage multiple projects and priorities
- Ability to act as a mentor
- Ability to work independently with minimal supervision or function in a team environment, sharing responsibilities, roles, and accountability
- Ability to collaborate with cross-functional teams to explain and enforce security measures
- Ability to apply security concepts and controls to adapt to organizations’ needs and goals
Number of Openings Available: 1
Worker Type: Employee
Company: BCBST BlueCross BlueShield of Tennessee, Inc.
Applying for this job indicates your acknowledgement and understanding of the following statements:
BCBST will recruit, hire, train and promote individuals in all job classifications without regard to race, religion, color, age, sex, national origin, citizenship, pregnancy, veteran status, sexual orientation, physical or mental disability, gender identity, or any other characteristic protected by applicable law.
Further information regarding BCBST's EEO Policies/Notices may be found by reviewing the following page:
BlueCross BlueShield of Tennessee is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at BlueCross BlueShield of Tennessee via e-mail, the Internet or any other method without a valid, written Direct Placement Agreement in place for this position from BlueCross BlueShield of Tennessee HR/Talent Acquisition will not be considered. No fee will be paid in the event the applicant is hired by BlueCross BlueShield of Tennessee as a result of the referral or through other means.
Tobacco-Free Hiring Statement
To further our mission of peace of mind through better health, effective 2017, BlueCross BlueShield of Tennessee and its subsidiaries no longer hire individuals who use tobacco or nicotine products (including but not limited to cigarettes, cigars, pipe tobacco, snuff, chewing tobacco, gum, patch, lozenges and electronic or smokeless cigarettes) in any form in Tennessee and where state law permits. A tobacco or nicotine free hiring practice is part of an effort to combat serious diseases, as well as to promote health and wellness for our employees and our community. All offers of employment will be contingent upon passing a background check which includes an illegal drug and tobacco/nicotine test. An individual whose post offer screening result is positive for illegal drugs or tobacco/nicotine and/or whose background check is verified to be unsatisfactory, will be disqualified from employment, the job offer will be withdrawn, and they may be disqualified from applying for employment for six (6) months from the date of the post offer screening results.
Resources to help individuals discontinue the use of tobacco/nicotine products include smokefree.gov or 1-800-QUIT-NOW.
Tags: CISM CISSP Cloud Compliance Computer Science Cryptography GCP Generative AI ISO 27001 NIST Risk assessment Vulnerabilities
Perks/benefits: Wellness