At Blue Shield of California we are parents, leader, students, visionaries, heroes, and providers. Everyday we come together striving to fulfill our mission, to ensure all Californians have access to high-quality health care at a sustainably affordable price. For more than 80 years, Blue Shield of California has been dedicated to transforming health care by making it more accessible, cost-effective, and customer-centric. We are a not-for-profit, independent member of the Blue Cross Blue Shield Association with 6,800 employees, more than $20 billion in annual revenue and 4.3 million members. The company has contributed more than $500 million to Blue Shield of California Foundation since 2002 to have a positive impact on California communities. Blue Shield of California is headquartered in Oakland, California with 18 additional locations including Sacramento, Los Angeles, and San Diego. We’re excited to share Blue Shield of California has received awards and recognition for – LGBT diversity, quality improvement, most influential women in corporate America, Bay Area’s top companies in volunteering & giving, and one of the world’s most ethical companies. Here at Blue Shield of California, we’re striving to make a positive change across our industry and the communities we live in – Join us!
The Cloud Security Architect will be an integral member of the IT Security Architecture / Information Security Portfolio Enablement (ISPE) team. This role will be responsible for product strategy, roadmap, tactical support of design, development, and implementation of cutting-edge sophisticated cloud technologies. This role will also conduct cloud risk assessments utilizing standardized risk frameworks including providing technical implementation advice and configuration of multiple cloud platforms (M365, Azure, and AWS).
- Work in Chief Information Security Officer (CISO) office under Director of IT Security Architecture. Be a catalyst to transform healthcare with business aligned agile, repeatable, and standardized security technology ready for new emerging threats.
- Actively participate in a product team and work with business and engineering team to articulate security requirements in a way that leads to the secure creation and enhancement of the product.
- Ensure products are built and sustained with security and compliance by design.
- Provide public cloud security consulting and security architecture reviews. This includes providing technical advice in the design and implementation of multiple cloud platforms (M365, Azure, and AWS).
- Create and conduct cloud risk assessments utilizing standardized risk frameworks.
- Secure identities in M356 using Multifactor Authentication, conditional access, and Azure AD Privileged Identity Management (PIM).
- Create a roadmap and implement Azure Advanced Threat Protection (ATP) solution, secure data access, Azure information Protection (AIP), Data loss prevention (DLP), Azure Sentinel for Microsoft 365 and Azure AD Identity Protection.
- Manage and monitor security reports and dashboards using Microsoft 365 Security Center. Integrate logs with existing log solutions such as Splunk.
- Identify the appropriate techniques and methods to secure AWS identity and data in Amazon EC2, Amazon S3, Elastic, CloudFormation, Amazon Virtual Private Cloud (VPC), and implement a secure cloud solution.
- Influence and communicate effectively with non-technical audiences including senior product and business management.
- Develops product strategies, vision and roadmaps that align with the architecture and technology direction of the business unit, consistent with enterprise priorities as agreed with product-line management.
- Embeds with product teams as needed to ensure full transparency and no surprises, keeping product stakeholders up to date with the latest on delivery status, product security risks and scope changes.
- Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts.
- Coordinate with DevOps teams to advocate secure coding practices.
- Act as the communicator of the vision to translate the product strategy and vision developed with business stakeholders into what the product team must bear in mind to ensure security and compliance are embedded.
- Conduct Preliminary Security Assessment Reviews and Security Risk Assessments.
- Review security technologies, tools, and services, and make recommendations.
- Provide security leadership and advisory services to IT, business and project teams to ensure that solutions are in line with the architecture direction and business strategies.
- Have excellent communication skills (written and verbal). Demonstrate strong problem-solving ability and analytical skills. Strong business acumen and a commitment to integrity, process improvement and customer satisfaction.
- Represents security interests to project teams by ensuring security standards and requirements are defined as part of the deliverables. Provides input and guidance on adherence to defined security requirements and/or means to address any identified gaps.
Knowledge and Experience
- At least 2 years working with Microsoft Office 365 security and Microsoft Azure Platform. Two years with Amazon Web Services preferred.
- 5-10 years of related IT security and Security Architecture experience.
- Have previously worked with SaaS, PaaS, and IaaS providers, in which you provided guidance on secure system and service configuration.
- Basic familiarity with the principles of design thinking, and lean and agile software delivery.
- Broad understanding of Secure Software Development Lifecycle (S-SDLC) and mobile security.
- Knowledge of healthcare industry and industry related technology a strong plus.
- Experience in designing, architecting, and implementing complex enterprise applications, infrastructures with security built in.
- Fundamental working knowledge of industry-standard enterprise architecture models (e.g. TOGAF, NIST.SP.800-53r4, ISO 27002, SABSA, HIPAA, HITECH, PCI-DSS) and similar security frameworks.
- CISSP, CCSP, CISM, TOGAF or other security and/or Enterprise Architecture methodology certifications.
- Microsoft 365 Certified Security Administrator or AWS certified solution/security architect preferred.
- Bachelor's degree in Computer Science, Engineering or related field or equivalent work experience.
Physical Requirements Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork – Activity level: Sedentary, frequency most of work day.
Job: Information Security
Primary Location: United States of America-California-Oakland
Other Locations: United States of America-California-El Dorado Hills
Organization: Information Technology
Job Posting: Feb 23, 2021, 12:28:55 PM
External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws.