Security Analyst III

SHIFT: Day Job

SCHEDULE: Full-time

Your Talent. Our Vision. At Anthem, Inc., it’s a powerful combination, and the foundation upon which we’re creating greater access to care for our members, greater value for our customers, and greater health for our communities. Join us and together we will drive the future of health care.

This is an exceptional opportunity to do innovative work that means more to you and those we serve at one of America's leading health care companies and a Fortune Top 50 Company.

Support cloud controls to holistically enable the Anthem’s Cloud Security strategy and share considerations into improving security methodology, program capabilities and focus areas for maturity for the following areas:

• Visibility Cloud services are provisioned within enterprises with proper management and oversight.

• Security is integrated into business awareness.

• Compliance models for cloud;

• Data properly protected at rest and in transit.

• Accountable for effectual partnerships with peer teams to drive secure design, implementation and orchestration of complex, multi-product solutions for cloud systems.

Primary duties may include, but are not limited to:

• Act as an advocate of information security policies, standards, and controls and as an enabler to the business while managing risk appropriately

• Provide mentorship and knowledge transfer to security team members

• Excellent communication skills -able to effectively and professionally collaborate with company stakeholders and business partners

• Ability to think strategically, plan methodically, and execute tactically

• Take ownership of personal and professional development and training needed to excel

• Evaluate and recommend new products, maintain knowledge of emerging technologies, cloud security standards and regulations for application to the enterprise

• Support initiatives to secure cloud solutions by specifying methodologies; implementation and calibration; preparing preventive, detective, and reactive security measures, and support documentation

• Identifying, communicating, and mitigating security risks in on-premises or hybrid/multi-cloud deployments

• Producing metrics to measure the efficacy and effectiveness of the responsible areas of security program and reporting regularly

• Gather requirements, plan, and assess the current configuration

• Work with outside vendors and consultants to successfully test and integrate new technology

• Demonstrate good judgment in solving problems as well as identify problems in advance and propose solutions

• Ensure compliance with company policies and standards

• Aid vulnerability management and help resolve findings of security assessments and other risk management activities

• Respond to information security incidents/tickets in a timely manner

• Help the security team to maintain a level of excellence

• Develop and evaluate performance metrics to establish process success

• Design, document and implement procedures and techniques that are consistent with best practices for analyzing and evaluating the risk (software & business), accuracy, completeness, internal integrity/consistency, testability, and overall quality of system

• Research emerging technologies and identify opportunities for adoption

• Track operations and constantly look for ways to make things work better, faster, and smoother

• Collaborate on and adhere to security engineering standards, methodologies, and sustainable processes

• Indianapolis, IN preferred but will consider other locations also.

Qualifications

Minimum Requirements:

Requires a BA/BS; 3 years of experience in a support and operations or design and engineering role; or any combination of education and experience, which would provide an equivalent background.

Preferred Qualifications:

Experience within IT – developer, Security, System Automation, AWS; or any combination of education and experience, which would provide an equivalent background.

• Demonstrated troubleshooting skills

• Strong scripting / coding skills (Python, Java, C#)

• Familiarity with Terraform and/or CloudFormation (e.g., JSON)

• Experience in cloud security, engineering, network security

• Knowledge of leading practices for security design, implementation, and support of public and private cloud services

• Strong understanding of multi-cloud platforms (Azure, O365, AWS, etc.) to be able to identify and prioritize potential security challenges

• Hands-on experience with cloud security, firewalls, DMZ, VPN, and intrusion detection technologies

• High level of knowledge associated with incident response activities in a distributed environment

• Security, cloud, or networking certification preferred (e.g., CCSP, SSCP, CISSP, CCSK, CCNA)

• Familiarity with security industry standards (ISO 17799, NIST 800 series, etc.) and best practices

• Working knowledge of network and/or security technologies

• Knowledge of security auditing procedures

• Understanding of containers and Microservices

• Knowledge or experience with automated security validation or event-driven automation

• Clear understanding of overall systems architecture and how to leverage specific components

• Understanding of Cloud infrastructure environments and the challenges associated with Enterprise integration, with demonstrated ability to grasp and contribute to big-picture strategy

• Experience in hands-on roles, with knowledge of security-focused or automation tasks

• Experience in systems administration and security aspects of enterprise information systems, networking, systems development and management lifecycle

• Demonstrated experience or substantial knowledge in supporting competencies in cloud security standards and controls

• Demonstrate high degree of technical security tooling in commercial cloud environments and diverse experience within platform security and applications experience to enable native cloud solutions

• Technical expertise to understand multiple cloud platforms (AWS, GCP, Azure)

• Technical and conceptual knowledge of configurations in cloud platforms and expertise of AWS security stack e.g. Cloud trail, Cloud watch, Guard Duty, Config, etc.

• Experience in programmatic integration with ticketing and asset management systems

• Strong verbal/written communication skills

• Demonstrated teamwork skills, with the ability to thrive in a fast-paced work environment

• Demonstrated ability to work independently with little or no supervision

• Experience in aggregating automation metrics and reporting

• Anthem Cloud experience is strongly preferred

We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.

Anthem, Inc. has been named as a Fortune 100 Best Companies to Work For®, is ranked as one of the 2020 World’s Most Admired Companies among health insurers by Fortune magazine, and a 2020 America’s Best Employers for Diversity by Forbes. To learn more about our company and apply, please visit us at careers.antheminc.com. An Equal Opportunity Employer/Disability/Veteran. Anthem promotes the delivery of services in a culturally competent manner and considers cultural competency when evaluating applicants for all Anthem positions.