Blue Cross Blue Shield
Director of Information Security Operations | Technical
Posted by: Blue Cross Blue Shield of Massachusetts
Ready to help us transform healthcare? Bring your true colors to blue.
This manager will provide oversight, leadership and guidance to the BCBS Information Technology Security Operations Team. He/She will be responsible for managing the current daily operations of a team of engineers and analysts who use data generated from vulnerability scans and the SIEM to understand the current state and threat landscape. This manager will look for opportunities to improve efficiencies and the overall quality of this group’s service offering, and to turn the immense amount of raw data into actionable information for leadership and other technology teams. This manager will also be required to act as a change agent within the department and throughout BCBSMA by continually implementing industry standards and best practices. The Security Program Manager will also drive process improvement and automation by setting the direction and priority for this team. Responsible for developing and documenting system security requirements and ensuring compliance validation. Utilizes knowledge of security trends in the industry and champions approaches across the business and IT delivery teams.
Exhibits strong interpersonal relationships with the architecture team, business partners, project managers, the IT delivery teams and Quality Assurance. Serves as an advisor and consultant to business units in planning and coordinating systems security analysis, design, and implementation/enhancement projects to automate processing or improve business systems. Focuses on developing and improving security processes and assisting in metrics development, both within the technology and business organizations. Conducts analysis for application and vendor risk assessments. Draws conclusions and makes recommendations. Contributes to security architecture and business strategic planning by providing objective feedback, insight, and recommendations. Responsible for leading investigations for incident response and review of system logs. Provides support for production issues such as monitoring production cycles, performing updates, and testing fixes; works with outsource vendors to monitor and ensure appropriate support levels. Actively contributes to staff development and internal departmental process improvement, acting as a role model and mentor to colleagues.
- Manage a team of 6 and, using a metrics-based approach, understand and improve current processes.
- Manages, administers and tunes the enterprise Security Information and Event Monitoring System (SIEM). Uses the information generated and correlated by this tool to prioritize remediation efforts of the impacted technology teams and to provide a leadership view of the current state of security within the enterprise as a whole.
- Run all aspects of the vulnerability scanning program to identify weaknesses in our layered security defense program. These weaknesses will be determined, prioritized, remediated and confirmed closed. This will be a primary measure of our technology administration effectiveness from a security perspective.
- Understand business needs and adjust or develop new processes to efficiently provide excellent service and value to our users.
- Develop standard operating procedures and other appropriate documentation to enforce quality and consistency of the services this team provides.
- Manages Information Security projects, linking them as a focused set of initiatives at the division or enterprise level in conjunction with the technical staff and other constituents.
- Prepares, evaluates and presents security solutions to senior managers.
- Recommends, coordinates and implements technical controls to ensure policies and processes are performing as intended.
- Assist in Business Needs Assessments and feasibility studies, establishing clear program and associated IT information security program goals.
- Participate in all aspects of budget planning for the IT Information Security Office.
- Responsible for oversight of a wide variety of operational functions including but not limited to:
  - Enterprise Network Security software (Trend Micro, DLP, Symantec, etc.)
  - Enterprise Access Auditing (External & Internal, Network, System, Web, etc.)
  - Network Inspection, Segregation, & Filtering
  - Enterprise End-to-End Data Encryption
  - Metrics & Reporting
- Development of a variety of programs, policies, and procedures including but not limited to:
  - Data Loss Prevention (DLP)
  - Enterprise Vulnerability Management
  - Fraud Detection & Prevention
  - Information Security Office (ISO) Workflow Automation
  - Enterprise Risk Analysis (Vendors & Applications)
  - Training & Awareness
  - SDLC Expansion for Security Safeguards & Controls
- Technically competent
  - Deep understanding of information security and security operations standard processes and challenges.
  - Experience with standard enterprise class tools, processes and compliance activities.
- Adaptability & Growth
  - Adapts leadership work style to fit environment needs.
  - Develops and demonstrates intimacy and understanding of the BCBSMA environment.
  - Capable of working with others to follow through on cross-functional tasks.
- Analyzing Needs & Proposing Solutions
  - Owns problems and solutions as a creative problem solver.
  - Considers the implications of the recommended solution in light of the culture and context of BCBSMA.
- Fostering Teamwork & Collaboration
  - Seeks and develops suggestions from others, drives partnering relationships.
  - Uses appropriate influencing techniques to gain genuine agreement.
  - Understands and represents multiple perspectives so that others understand positions and policies.
  - Acts as champion for the perspectives of different partners even in the face of resistance.
  - Effective change agent and serves as a role model for others.
- Communicating Effectively
  - Overall effective communication skills providing a crisp, concise message, specifically tailored for the intended audience to maximize impact and drive change.
  - Recognized as business unit expert in external communication, serves as a role model for others.
  - Effective skills in influencing & negotiating.
  - Able to advocate for effective solutions while acknowledging diverse viewpoints.
- Acting with Urgency
  - Regularly takes actions that go beyond requirements to achieve objectives.
  - Provides leadership and direction for project execution.
  - Provides expertise to identify potential problems and executes adjustments to project timelines, tasks and resource allocation as required.
- Leadership Responsibilities
  - Works cross functionally to facilitate and organize actions to meet division and corporate goals.
  - Assumes a lead role in collaborating to influence actions and decisions to positively impact business and financial results.
  - Supports development and implementation of sound business initiatives across the division and BCBSMA.
  - Champions process improvements fostering ownership and empowerment across the project teams, IT and the organization.
Background and Experience
- BS in Technology, Computer Science or a related field (Master’s Degree preferred) with 5+ years of experience required.
- Certified Information Systems Security Professional (CISSP) certification required.
- Advanced knowledge and experience managing a security engineering or security operations team in a large, complex enterprise.
- Solid experience managing people, specifically, senior technologists and engineers.
- Experienced, effective manager who uses both quantitative and qualitative approaches to achieve the desired deliverable.
- Operational experience administering enterprise class SIEM and vulnerability scanning tools.