Senior Cyber Security Engineer

BCBST BlueCross BlueShield of Tennessee is seeking a Senior Cyber Security Engineer to join their Cyber Security Engineering team. This role involves providing security guidance, assessing risks, and ensuring secure deployments across various technologies while collaborating with engineering and business teams.

Responsibilities:

• Ensures system security needs are established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening
• Ensures and anticipates Application, Cloud, and Platform security integrations with core security technologies
• Collaborates with the technical teams and cloud service providers to ensure that the results satisfy the needs embodied in the requirements and security best practices are followed
• Act as technical expert and assess potential systems and process vulnerabilities to determine security infrastructure and cloud requirements
• Ensure compliance with regulations and privacy laws
• Security automation for testing, identity, cloud, and secure configuration baseline monitoring
• Develops and enforces cloud security policies and procedures and provides technical support on information security policies, principles, standards, and procedures
• Implements and manages cloud security solutions to protect cloud-based applications, data, and infrastructure
• Conducts cloud security assessments and audits to identify and mitigate risks
• Employees may be required to participate in a weekly on-call rotation

Requirements:

• Bachelor's Degree or equivalent work experience required. Equivalent experience is defined as 4 years of professional work experience in a corporate environment
• 5 years - Experience as an information security engineer or in related field required
• Comprehensive experience configuring and leveraging SSO and step-up authentication to support authorization, including federation services
• Intimate understanding of cloud security technologies and platforms
• Evident knowledge of cloud security frameworks and compliance standards
• Demonstrated ability to lead, document, and meet deadlines for projects from milestones to tasks and identify ownership per project with implementation knowledge and expectations
• Demonstrated ability to interpret and translate technical and/or or complex concepts into information meaningful to IAM team members and/or business personnel
• Proficient in Microsoft Office (Outlook, Word, Excel and PowerPoint)
• Proven analytical and problem-solving skills and ability to perform non-routine analytical tasks
• Proven ability to provide Security integration, automation, and configuration efforts with Security oversight for software in the BCBST environment
• Proven ability to determine Technical Security Baselines and ensure the baselines meet BCBST Policy and Standards
• Proficient understanding of troubleshooting approaches, including knowledge of underlying security tools, networking, server, application, and cloud environments
• Windows scripting and automation methodology (PowerShell, VBScript, Perl, Batch programming)
• Well-developed understanding of APIs, databases, and file connections for application connections
• Proven ability to plan, prioritize, organize, configure, and coordinate across multiple applications and systems
• Ability to work independently with minimal supervision or function in a team environment sharing responsibility, roles, and accountability
• Certifications such as Certified Cloud Security Professional (CCSP), AWS Certified Security, Microsoft Azure, CISSP, CISA, CRISC or SANS – Specialty, or equivalent are preferred
• Experience with AI security, particularly evaluating risks across different vendors and platforms, is a strong plus