Cyber Security Lead Engineer

Resp & Qualifications

PURPOSE:
Develops and implements security solutions. Administers security technology systems by architecting and engineering/developing trusted systems into secure systems.

Assists in the development of implementation and deployment plans that are aligned to the organizational strategic plan objectives and security requirements. Advises management in developing cybersecurity policies, processes, and procedures.

ESSENTIAL FUNCTIONS:

• Leads all activities in the day-to-day support of the security solutions.
• Oversees engineering support and system administration of specialized cybersecurity applications.
• Develops information systems security action plans, evaluates information security products, and performs other activities necessary to secure the organization's network.
• Identifies potential conflicts with the implementation of any cybersecurity tools.
• Reviews and analyzes appropriate solution system logs for performance and functional anomalies.
• Collaborates with architects and project managers to provide security requirements.
• Answers advanced questions about the installation, operation, configuration, and customization of cybersecurity solutions.

SUPERVISORY RESPONSIBILITY:
Position does not have direct reports but is expected to assist in guiding and mentoring less experienced staff. May lead a team of matrixed resources.

QUALIFICATIONS:

Education Level: Bachelor's Degree inComputer Science, Information Technology, or related field ORlieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

Licenses/Certifications:

• Splunk Certified Developer (preferred)
• Splunk Enterprise Security Certified Admin (preferred)
• CISSP Certified Information Systems Security Professional Upon Hire Req or
• CISM - Certified Information Security Manager Upon Hire Req or
• Certified Ethical Hacker (CEH) Upon Hire Req

Preferred Qualifications:

• Advanced degree

Experience: 8 years relevant IT security experience.

Knowledge, Skills and Abilities (KSAs)

• Responsible for creating Splunk ES (Enterprise Security) Security Information and Event Management (SIEM) content to monitor and detect potential threats to the enterprise.
• Responsible for SIEM content management, content creation, rule tuning, reporting and alert creation.
• Integration of signals and telemetry from various security tools including COTS and Cloud-native (AWS, Google Cloud Platform, Azure).
• Work with Splunk engineers to onboard and normalize new data sources ensuring CIM compliance.
• Significant experience with threat detection and threat hunting workflows.
• Significant experience with Incident Response procedures.
• Significant experience in security data analytics.
• Significant experience with data models - existing Splunk data models as well as, creation and tuning of data models from the ground up.
• Will work closely with the CyberSecurity Monitoring and Automation teams to develop requirements and implement detections.
• Develop complex dashboards and visualizations.
• Develop alerting and notification.
• Experience with a variety of scripting languages such as CSS, HTML, JavaScript, Python, PowerShell and shell scripting to automate tasks and manipulate data.
• Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.

• Strong critical thinking ability and investigative/problem solving skills.

• Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.

Department

Department:

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of theCompany to provide equal employment opportunities to allqualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Federal Disc/Physical Demand

Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

#LI-LD1