Capital BlueCross

Information Security Specialist

Capital BlueCross$75K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3-5 years of experience in information security or a related IT field
  • Hands-on experience with SIEM tools like Splunk
  • Experience with incident response processes
  • Familiarity with vulnerability management tools such as Tenable or Nessus
  • Bachelor's degree in Computer Science, Business Administration, or related field, or equivalent experience; security certifications such as CISSP or CISM preferred

Responsibilities

  • Monitor and analyze security events using SIEM tools
  • Investigate security incidents and conduct root cause analysis
  • Manage the full vulnerability lifecycle across enterprise systems
  • Analyze logs from various sources to identify suspicious activities
  • Support incident response activities including containment and recovery
  • Manage vendor security assessments for third-party engagements
  • Participate in threat hunting to identify hidden risks

Benefits

  • Opportunities for professional development
  • Collaboration with cross-functional IT and business teams
  • Engagement in proactive threat detection initiatives
  • Involvement in security compliance efforts
  • Supportive work environment focused on security posture improvement
Full Job Description
Position Description

The Information Security Specialist will be responsible for protecting systems, network, and data from cyber threats. Monitors security events, investigates incidents, and leads vulnerability management efforts. Works closely with IT and business teams to reduce risk, improve security posture, and support compliance with industry standards.

Responsibilities and Qualifications

  • Monitor and analyze security events using SIEM tools to detect and respond to threats in real-time.
  • Investigate security incidents, perform root cause analysis, and document findings for remediation and reporting.
  • Manages the full vulnerability lifecycle across enterprise systems, including identifying security weaknesses, assessing and prioritizing risk, coordinating remediation efforts, and validating that issues are resolved. Works closely with IT and business teams to ensure vulnerabilities are addressed in a timely manner based on risk, impact, and relevant threat intelligence.
  • Analyze logs from endpoints, servers, network devices, and cloud platforms to identify suspicious activity.
  • Support incident response activities including containment, eradication, and recovery.
  • Manage vendor security assessment reviews to enable informed decision-making related to third party engagements.
  • Participate in threat hunting activities to proactively identify hidden threats in the environment.
  • Perform other functions as assigned by Information Security management.

Skills:
  • Results oriented, with demonstrated problem-solving and decision-making skills.
  • Ability to effectively listen and communicate in order to present technical concepts to audiences of all levels both verbally and in writing. Communication may include oral presentations and/or written documents.
  • Ability to prioritize and complete assignments independently in a rapidly changing and dynamic work environment along with good organizational skills.

Knowledge:
  • Strong understanding of cybersecurity principles, threat detection, risk management, and industry security frameworks.

Experience:
  • 3-5 years of experience in information security, cybersecurity, or a related IT role.
  • Hands-on experience monitoring and responding to security events using a SIEM platform such as Splunk or similar.
  • Experience with incident response, including investigation, containment, and recovery.
  • Proven experience with vulnerability management tools such as Tenable, or Nessus.
  • Experience analyzing logs from endpoints, servers, network devices and cloud services.
  • Familiarity with endpoint detection and response (EDR) tools and network security technologies (firewalls, IDS/IPS)

Education and Certifications:
  • A Bachelor's degree in Computer Science, Business Administration or related field; or a minimum of five years of practical related experience; or an equivalent combination of experience and education.
  • Preferred security certifications including, CISSP, CISM, CRISC or equivalent

Physical Demands:
  • While performing the duties of the job, the employee is frequently required to sit, use hands and fingers, talk, hear, and see. The employee must be able to work over 40 hours per week. The employee must occasionally lift and/or move up to 5 pounds.

About Capital BlueCross

Capital BlueCross is a health insurance company that was founded in 1938 and is headquartered in Harrisburg, Pennsylvania. The company provides health insurance to individuals and businesses in central Pennsylvania and the Lehigh Valley. Capital BlueCross is committed to improving the health and well-being of its members and the communities it serves. The company offers a variety of health and wellness programs, including fitness classes, nutrition counseling, and smoking cessation programs. Capital BlueCross is also committed to sustainability and has implemented several initiatives to reduce its environmental impact.
Learn more about Capital BlueCross
Size
1,500 employees
Industry

Similar Jobs

More Jobs at Capital BlueCross

More Information Technology Jobs

Find similar Information Security Specialist jobs: