Associate Architect

Blue Shield Of California   •  

El Dorado Hills, CA

Industry: Business Services


5 - 7 years

Posted 387 days ago

Specific SecurityArchitectureresponsibilities include, but not limited to the following: 

• Conducts application and mobility risk assessments as required 
• Ensures compliance with regulatory and industry standards for infrastructure and information system security, including Hardening/Configuration Standards 
• Represents security interests to application development teams by ensuring security standards and requirements are defined as part of the deliverables 
• Provides project consulting, evaluating proposed solutions including vendor application products for IT security risks, working to define and push for standards, identify gaps and apply compensating controls as deemed necessary 
• Participates in the development of IT Security strategies, policies and standards


• At least 5-10 years of related IT security and/or security application development experience plus demonstrated ability to perform a risk-based approach to securing applications, databases or infrastructure based upon IT and business needs 
• At least 5-10 years of related mobile application DevOps experience 
• Experience in designing, architecting, or implementing complex enterprise applications, infrastructures, or platforms and systems with security built in 
• A strong understanding of SDLC principles 
• A good understanding and knowledge of network security capabilities and best-practices (e.g. IPS/IDS, firewalls, proxies, BYOD, wireless security) 
• Excellent written and verbal communication skills with strong relationship building skills 
• Ability to influence strategic security application development, support the framing of reference architectures and pattern components, seek consensus on target state architectures, and influence roadmaps 
• Skilled in applying strategic architecture direction to project delivery using standard engagement methods 
• Fundamental working knowledge of industry-standard enterprise architecture models (e.g. TOGAF, NIST, SABSA, SANS) and approaches 
• General understanding on how to defend web and web services against security vulnerabilities, including the OWASP Top Ten and the SANS Top Twenty Five software errors 
• Knowledge of HIPAA, HITECH, PCI-DSS, ISO 2700X and proper application of the Security and Privacy Rules. Preferred knowledge of the HITRUST Common Security Framework 
• Strong business acumen and a commitment to integrity, process improvement and customer satisfaction 
• Broad understanding of distributed, highly-available computing environments, and proactively addressing threats and vulnerabilities at all layers 
• Experience with TCP/IP and related protocols 
• Experience with Threat Modeling 

• Job Additional Education/Experience 
• Knowledge of healthcare industry and industry related technology would be a strong plus 
• Bachelor's degree in Computer Science, Cyber-Security, Engineering or related field or equivalent work experience 
• Ability to rise above the security related FUD and focus on specific work priorities and execution with positive outcomes 
• CISSP, Ethical Hacker or other security and/or Enterprise Architecture methodology certifications preferred 

This candidate should demonstrate the following behaviors: 

• Integrity - Firmly adhere to the values and ethics of our company. Exhibit honesty, discretion, and sound judgment – able to recommend a security call on an issue 
• Assume Positive Intent – When interacting with fellow employees, assume they are doing the right thing for the right reason 
• Initiative – Be comfortable using your own discretion in taking appropriate steps and risks to find solutions to problems; presents options and ideas to enhance current processes or procedures. 
• Cooperativeness - Willing to work with others, collaborating and compromising where necessary; promptly share relevant information with others 
• Flexibility - Is open to changing situations and opportunities and is willing to perform all tasks assigned 
• Independence - Able and willing to perform tasks and duties without supervision 
• Resiliency - Maintains a positive “can-do" outlook, rebounds quickly from frustrations, and maintains composure and friendly demeanor while dealing with demanding situations