How Is This Role Important to Our Work?
In this position you will have an opportunity to work in an enterprise cloud environment that respects and appreciates concepts like Infrastructure as Code, mature CICD pipelines, architecture and design documentation, but balances our ability to deliver and secure systems for the enterprise. This means you’ll be part of a team that strives to have mature capabilities but is also hands on building new solutions. The ideal candidate will have significant experience in a variety of IT or security systems, but more recently has had exposure with building or securing systems in AWS. This position will give you an opportunity to learn a lot and share your knowledge with others. Ultimately, this candidate will need to have a strong desire to tackle challenging problems and work as part of a team to deliver solutions.
The Security Engineer Senior is responsible for the execution of standards and guidelines that support and secure the design of technology solutions including implementing solutions requiring integration of multiple platforms, operating systems, servers, and applications across the enterprise. Performs analysis and evaluation of customer technical and analytical requirements to align them with security best practices and requirements. Plans, develops, tests and documents systems and provides follow up to ensure success and security of the environment. Responsible as an advanced technical resource in one or more critical services or technologies and applies comprehensive knowledge in one or more areas. May function in a Lead role.
A Day in the Life:
- Conducts detailed analysis and study of customer requirements for new or existing projects to determine feasibility, cost and time required, and compatibility with current systems and hardware capabilities.
- Develops and documents the framework for integration and implementation for changes to technical standards.
- Develops moderate to highly complex infrastructure interactions to ensure the security, stability, recoverability, and access to systems and information.
- Advises on enterprise-wide infrastructure systems growth requirements, capabilities, and constraints to ensure the long-term functionality and operation standards.
- Participates in the RFP process to evaluate and select vendor solutions.
- Oversees and evaluates the work of contractors and vendors to ensure quality services.
- Participates in or leads cross-functional initiatives on the development and implementation of enterprise-wide major installations, upgrades and process changes.
- May have accountability for project execution and resource allocation.
- Facilitates knowledge sharing by creating and maintaining detailed, comprehensive documentation and diagrams.
- Provides technical guidance or mentorship to others as appropriate.
- Tracks industry trends and maintains knowledge of new technologies to better serve the enterprise architecture needs.
- Performs systems support activities and may include required participation in an on-call rotation for support of systems outside of normal business hours.
- Participates in structured cross-functional processes including architecture, change, risk, resiliency, incident, problem, CMDB, and asset management.
- Assists manager in facilitating goal accomplishment by providing work direction to assigned employees and by monitoring the status of work on a daily basis.
- Clarifies roles and responsibilities of assigned employees based on direction from the manager.
- Provides coaching or mentoring as requested or deemed appropriate based on direction of the manager.
- Assists manager in facilitating resource allocation to ensure appropriate staffing levels.
- Shares feedback with the manager as requested or deemed appropriate, and may make recommendations for performance reviews.
- May make recommendations to the manager for team and individual recognition.
- Performs day to day support activities for Identity and Access Management, security engineering, and cloud security architecture.
- Represents Information Security on IT and business sponsored projects to ensure the success of the project, while also ensuring information security standards are implemented.
- Partners with our DevOps engineers to mature and improve our CICD pipeline and building automation towards a DevSecOps environment.
- Works with a large number of AWS services supporting our front-end developers, back-end developers, and data analytics groups.
- Reviews new AWS services, evaluates potential security challenges, helps DevOps engineers develop Terraform to support our Infrastructure as Code environment.
- Helps design B2B integrations using APIs and OAUTH/OIDC.
Nice to Have:
- In-depth knowledge of BCBS computer methodologies.
- Advanced knowledge of multiple business areas.
- Technical Certification Participation in user groups (ACM, IEEE) or security certification (CISSP, CEH, GSEC, etc) or AWS Certification
Required Skills and Experiences:
- Bachelors degree preferably in Computer Science and 5 years of experience in the implementation of information engineering projects, systems analysis, design and programming, systems planning, and business information planning or 9 years of related experience in lieu of a degree.
- Advanced level knowledge of infrastructure design, implementation, administration, planning, developing.
- Advanced level knowledge of technical, business, and industry.
- Very strong oral and written communication and presentation skills.
- Very strong human relations skills to effectively interact with leadership and management, peers, business partners and vendors.
- Highly skilled at systems, creative, critical and analytical thinking, decision making and problem solving.
- Advanced or specialized understanding of the standards and deliverables to ensure integrity of the systems engineering process.
- Advanced level knowledge of internal area applications.
- Advanced level skills at hands-on communication, collaboration and leadership.
- Highly skilled at influencing and motivating individuals and teams.
Security Engineer Sr.