What are the responsibilities and job description for the Associate Cloud Information Security Engineer position at Highmark Health?
**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
This job assists others to plan, research, evaluate, design and develop Information Security and Risk Management (ISRM) Cloud Infrastructure systems by applying engineering, hardware and software design theories and principles to develop a compatible system infrastructure in line with organizational strategies. Assists with the design, development, and implementation of less complex ISRM Cloud Infrastructure components such as operating systems, software tools, and utilities. Assists in conducting less complex studies of ISRM Cloud Infrastructure performance and traffic analysis. Assists in determining systems design requirements and ensures that system improvements are successfully implemented and monitored to increase efficiency. Assists with the development of ISRM Cloud Infrastructure engineering policies, standards and procedures.
**ESSENTIAL RESPONSIBILITIES**
Assists teams in clearly defining requirements, deliverables and timeframes.Escalate issues and make recommendations to resolve them to the appropriate audience.
Understand the executive vision and make it a reality, while overseeing the cloud adoption and governance process. Communicate and collaborate to promote strong partnerships between the architects, engineers, developers and business stakeholders.
Demonstrate understandingof cloud specific technical aspects in multiple areas of expertise and provide recommendations for solutions and designs. The areas expertise may be any aspect of information, technology, technique, method, process, product, or application area.
Support appropriate design standards, methods and tools and ensure that they are applied effectively.
Assist with thedevelopment of cloud enabled enterprise business solutions that combine knowledge of business strategies, processes and gaps, technological options, and process facilitation techniques.
Assists in conducting root cause analysis to identify and resolve complex problems impacting ISRM Infrastructure and in completing project tasks to enable the on time, within budget and scope delivery of ISRM Infrastructure projects.
Assists in developing and/or delivering technical training in less complex technical areas.
Assists to implement, monitor, configure, and maintain security systems while assuring compliance to required standards, procedures, guidelines and processes.
Other duties as assigned or requested.
**EDUCATION**
**Required**
Bachelor's Degree in Computer Science, Information Systems, or related field
**Substitutions**
6 years of related and progressive experience in lieu of Bachelor's degree
**Preferred**
Master's Degree in Computer Science, Information Systems, or related field
**EXPERIENCE**
**Required**
1 year in various Cloud environments
1 year in Information security and systems analysis
1 year with Information security, Information Risk management and/or information technology
1 year in operating systems and software administration
1 year in developing, communicating and presenting information security and risk management concepts to varying audiences
1 year with technologies such as Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event and Incident Management (SEIM), and virtualization platforms
**Preferred**
3 years working in Amazon, Microsoft, and Google Cloud products
3 years working within an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework
3 years in an IT/information security risk advisory role
3 years with network security architecture, network and networking protocols
3 years with database management, system administration and software development lifecycle
**LICENSES or CERTIFICATIONS**
**Required**
None
**Preferred**
Certified Information Systems Security Professional (CISSP)
Security **SKILLS**
Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, PCI, HIPAA, HITECH, COBIT, ISO 27001/2, and ITIL 3
Familiarity with secure SDLC best practices
Knowledge of Microsoft Apps and Suites, Windows Server, SharePoint, etc.
Strong teamwork and inter-personal skills
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office- or Remote-based
Teaches / trains others
Occasionally
Travel from the office to various work sites or from site-to-site
Rarely
Works primarily out-of-the office selling products/services (sales employees)
Never
Physical work site required
No
Lifting: up to 10 pounds
Constantly
Lifting: 10 to 25 pounds
Occasionally
Lifting: 25 to 50 pounds
Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
**Pay Range Minimum:**
$57,700.00
**Pay Range Maximum:**
$106,700.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, age, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, age, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity ( _[ Link removed ] - Click here to apply to Associate Cloud Information Security Engineer )
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.
For accommodation requests, please contact HR Services Online at [ Email address blocked ] - Click here to apply to Associate Cloud Information Security Engineer
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J218564
Highmark Health
**Job Description :**
**JOB SUMMARY**
This job assists others to plan, research, evaluate, design and develop Information Security and Risk Management (ISRM) Cloud Infrastructure systems by applying engineering, hardware and software design theories and principles to develop a compatible system infrastructure in line with organizational strategies. Assists with the design, development, and implementation of less complex ISRM Cloud Infrastructure components such as operating systems, software tools, and utilities. Assists in conducting less complex studies of ISRM Cloud Infrastructure performance and traffic analysis. Assists in determining systems design requirements and ensures that system improvements are successfully implemented and monitored to increase efficiency. Assists with the development of ISRM Cloud Infrastructure engineering policies, standards and procedures.
**ESSENTIAL RESPONSIBILITIES**
Assists teams in clearly defining requirements, deliverables and timeframes.Escalate issues and make recommendations to resolve them to the appropriate audience.
Understand the executive vision and make it a reality, while overseeing the cloud adoption and governance process. Communicate and collaborate to promote strong partnerships between the architects, engineers, developers and business stakeholders.
Demonstrate understandingof cloud specific technical aspects in multiple areas of expertise and provide recommendations for solutions and designs. The areas expertise may be any aspect of information, technology, technique, method, process, product, or application area.
Support appropriate design standards, methods and tools and ensure that they are applied effectively.
Assist with thedevelopment of cloud enabled enterprise business solutions that combine knowledge of business strategies, processes and gaps, technological options, and process facilitation techniques.
Assists in conducting root cause analysis to identify and resolve complex problems impacting ISRM Infrastructure and in completing project tasks to enable the on time, within budget and scope delivery of ISRM Infrastructure projects.
Assists in developing and/or delivering technical training in less complex technical areas.
Assists to implement, monitor, configure, and maintain security systems while assuring compliance to required standards, procedures, guidelines and processes.
Other duties as assigned or requested.
**EDUCATION**
**Required**
Bachelor's Degree in Computer Science, Information Systems, or related field
**Substitutions**
6 years of related and progressive experience in lieu of Bachelor's degree
**Preferred**
Master's Degree in Computer Science, Information Systems, or related field
**EXPERIENCE**
**Required**
1 year in various Cloud environments
1 year in Information security and systems analysis
1 year with Information security, Information Risk management and/or information technology
1 year in operating systems and software administration
1 year in developing, communicating and presenting information security and risk management concepts to varying audiences
1 year with technologies such as Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event and Incident Management (SEIM), and virtualization platforms
**Preferred**
3 years working in Amazon, Microsoft, and Google Cloud products
3 years working within an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework
3 years in an IT/information security risk advisory role
3 years with network security architecture, network and networking protocols
3 years with database management, system administration and software development lifecycle
**LICENSES or CERTIFICATIONS**
**Required**
None
**Preferred**
Certified Information Systems Security Professional (CISSP)
Security **SKILLS**
Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, PCI, HIPAA, HITECH, COBIT, ISO 27001/2, and ITIL 3
Familiarity with secure SDLC best practices
Knowledge of Microsoft Apps and Suites, Windows Server, SharePoint, etc.
Strong teamwork and inter-personal skills
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office- or Remote-based
Teaches / trains others
Occasionally
Travel from the office to various work sites or from site-to-site
Rarely
Works primarily out-of-the office selling products/services (sales employees)
Never
Physical work site required
No
Lifting: up to 10 pounds
Constantly
Lifting: 10 to 25 pounds
Occasionally
Lifting: 25 to 50 pounds
Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
**Pay Range Minimum:**
$57,700.00
**Pay Range Maximum:**
$106,700.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, age, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, age, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity ( _[ Link removed ] - Click here to apply to Associate Cloud Information Security Engineer )
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.
For accommodation requests, please contact HR Services Online at [ Email address blocked ] - Click here to apply to Associate Cloud Information Security Engineer
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J218564
Recommended Skills
- Administration
- Architecture
- Business Strategies
- Communication
- Cryptography
- Databases
Salary : $57,700 - $106,700
Security Officer II
Security -
Santa Fe, NM
Security
Securitas Security Services -
Questa, NM
Security
Securitas Security Services -
Santa Fe, NM