This job listing has expired and the position may no longer be open for hire.

Information Security Specialist at Capital BlueCross in Harrisburg, Pennsylvania

Posted in General Business 30+ days ago.

Type: Full-Time





Job Description:

Our Information Security Specialist is responsible for supporting and performing risk management responsibilities as part of the Security Risk Management Team.

Duties and Responsibilities:


  • Coordinate Information Security and control assessments, and leverage expertise, industry best practice, corporate policies/standards and federal/state regulations to evaluate security and control effectiveness.

  • Conduct risk analyses and evaluations, and report assessment findings on information assets and processes as they pertain to the CBC Risk Management program.

  • Assist in developing and maintaining an audit and compliance program to ensure compliance with regulatory requirements, best practices and company policies.

  • Information Security Awareness: Prepare, schedule, and present Information Security awareness briefings to systems’ managers, custodians, and users. Act as a focal point for dissemination of Information Security information through all forms of media.

  • Provide reporting and metrics that ensure the quality of the Risk Management program services meets business objectives.

  • Manage vendor security assessment reviews to enable informed decision-making related to third party engagements.

  • Initiate Risk Acceptance forms for policy or control deviations and identify mitigating controls.

  • Review and update policies in support of IT Security practices and ensure alignment with federal, state and CBC regulatory requirements.

  • Use GRC and other desktop tools to conduct risk assessments and support various activities, initiatives, and projects.

  • Perform other functions as assigned by Information Security management.

 

Skills:


  • Results oriented, with demonstrated problem-solving and decision-making skills.

  • Ability to effectively listen and communicate in order to present technical concepts to audiences of all levels both verbally and in writing. Communication may include oral presentations and/or written documents.

  • Ability to prioritize and complete assignments independently in a rapidly changing and dynamic work environment along with good organizational skills.

  • Familiar with the CBC business environment in order to effectively support end user requirements.

 

Knowledge:


  • Strong knowledge of risk management approaches and processes required, including proven implementation experience.

  • Knowledge of recommended information security controls and standards (HIPAA, HiTrust, ISO27000, SOX, NIST 800-53, COSO, CoBIT, etc.).

 

Experience:


  • General technical understanding and work experience in support of IT General Controls audits as well as SOC 1 and SOC 2 audits.

  • Technical understanding and work experience in support of various systems such as Oracle, Unix, Windows 2000/2003, Active Directory (LDAP), and Role Based Access Control.

  • Solid experience in delivering security risk assessment techniques including user and account audits, privileged user audits, and IT infrastructure/application system audits.

 

Education and Certifications:


  • A Bachelor’s degree in Computer Science, Business Administration or related field; or a minimum of five years of practical related experience; or an equivalent combination of experience and education. Certifications in an Information Security specialty and IT Audit strongly preferred.

  • Preferred security certifications include CISA, SANS/GIAC, CISSP, CISM, CRISC or equivalent.

 

Physical Demands

While performing the duties of the job, the employee is frequently required to sit, use hands and fingers, talk, hear, and see. The employee must be able to work over 40 hours per week. The employee must occasionally lift and/or move up to 5 pounds.

Capital BlueCross is an independent licensee of the BlueCross BlueShield Association. We are an equal opportunity/affirmative action employer and do not discriminate on the basis of race, color, religion, national origin, gender, sexual orientation, gender identity, age, genetic information, physical or mental disability, veteran status, or marital status, or any other status protected by applicable law. 




