Senior Cloud Security Engineer (AWS)

Job Description Summary As a Senior Cloud Security Engineer at BCBSA you will identify and implement operational, tactical and strategic improvements to better secure cloud workloads. The Cloud Security Engineer will focus on maturing BCBSA’s ability to protect our cloud-hosted assets and applications, detect and respond to malicious activity, and continuously assess the environment for weaknesses. In this highly specialized role, you will partner with cross functional teams, including application development, IT and security teams, and other stakeholders. You will develop, deliver and maintain effective application testing standards and methodologies leveraging industry leading practices to support information security roadmaps. You will partner with the extended Cloud and Information Security teams to deliver secure applications and related governance capabilities throughout the product lifecycle. Responsibilities include but are not limited to: Perform manual and automated cloud configuration assessments to identify weaknesses in applications and shared services. Build a continuous cloud assessment capability to enable the rapid identification and remediation of weaknesses and vulnerabilities. Collaborate with application vulnerability assessors to ensure applications are ready for production release. Collaborate with security architecture and other cloud stakeholders as part of the Cloud Center of Excellence to ensure cloud technologies are designed and implemented securely. Support CCoE and other non-security stakeholders to assist with the research, analysis, development and implementation, of BCBSA’s cloud security capabilities with a focus on protection, detection, and response. Support the security architecture and application teams with developing controls and security monitoring for new products, tools, and processes. Required Education, Certifications and Experience High School Diploma or GED Bachelor’s Degree or equivalent work experience Six years of deploying, configuring and supporting AWS services and hybrid cloud environments (required) such as: AWS Security Services IAM, KMS, Secrets Manager, AWS Firewall manager, WAF, Guard Duty and SCPs AWS Network Services in AWS (VPC, Route Table, Security Groups, Transit Gateway, Private Link, VPC Interface Endpoint) AWS Management Services (e.g., CloudWatch, Lambda, AWS Config, Security Hub). Direct experience with Infrastructure and Platform Services (e.g., EC2, RDS). Six years of Cyber security experience deploying and configuring AWS security services and 3rd party security solutions. (Required) Interpersonal Relationships - Knowledge of the techniques and the ability to work with a variety of individuals and groups in a constructive and collaborative manner. Problem Solving - Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations. Leadership - Ability to work with a group to set its objectives and agenda, generate allegiance to those objectives, and guide and motivate their achievement. Industry Knowledge - Knowledge of the organization's industry group, trends, directions, major issues, regulatory considerations, and trendsetters; ability to apply this knowledge appropriately to diverse situations. IT Environment - Knowledge of organization's total Information Technology (IT) environment with minimum knowledge of MS office and other software’s used by the organization. Effective communication skills - (written and verbal) to properly articulate complicated security controls attestation and risk reports to management and other IT development partners. Preferred Education, Certifications and Experience CompTIA, ISC2, AWS, SANS, or equivalent. (Preferred) Three years of experience with cloud automation tool such as AWSCDK, Terraform, Ansible, Git, Puppet, or equivalent. (Preferred) One year of experience with applying application security controls to sandboxes, DEV/QA/SIT/PROD, CI/CD, DevOps, DevSecOps or equivalent. (Preferred). One year of other relevant experience, includes (Preferred): Server/Network/Storage administrator Cloud administrator & operations Full-stack application development Cloud development including virtual instances, serverless, and containers Knowledge of Docker, ECS, Kubernetes, and Container Security Good understanding of PKI, Certificate Management, DNS, experience writing Infrastructure-as- code for AWS ACM, PCA, Route53, CloudFront, Lambda Edge integrating with other services like Okta, solid understanding of IP Addressing/subnetting/CIDR; firewall rules development Excellent troubleshooting skills Experience with documentation, knowledge management, evidence collection, storage, data backup and collaboration tools. People Management – No #LI-HYBRID If you are a current employee please apply directly through Workday. Begin your career at Blue Cross Blue Shield Association (BCBSA) by exploring currently opportunities and starting your application. It’s easy! After reviewing our open positions, apply to the roles that meet your requirements and ours too. You can keep track your progress in the selection process and review new postings too. Thanks for interest in joining Team BCBSA! At Blue Cross Blue Shield Association (BCBSA), we are a national association of 33 independent, community-based and locally operated Blue Cross Blue Shield companies and we are driven by purpose. Join the team who supports the nation's largest healthcare network, providing coverage to nearly one in three Americans as we relentlessly pursue affordable healthcare and ensure peace of mind for the people we serve. Be part of our storied history of innovation as we advance well-being and health equity. Experience a culture that is built on our care values, diversity, equity, inclusion and belonging, work-life flexibility, well-being and a commitment to our community. If you thrive at a company that values inclusivity, accountability, courage, teamwork and respect, we're glad you found us!