1 Information Security Analyst -Threat Management Job in Des Moines, IA
SORT BY
W
Information Security Analyst -Threat Management
$78k-96k (estimate)
Full Time | Insurance
3 Weeks Ago
Wellmark Blue Cross and Blue Shield is Hiring an Information Security Analyst -Threat Management Near Des Moines, IA
Company DescriptionWhy Wellmark: We are a mutual insurance company owned by our policy holders across Iowa and South Dakota, and we’ve built our reputation on over 80 years’ worth of trust. We are not motivated by profits. We are motivated by the well-being of our friends, family, and neighbors–our members. If you’re passionate about joining an organization working hard to put its members first, to provide best-in-class service, and one that is committed to sustainability and innovation, consider applying today!
Why Wellmark Technology? Wellmark is building innovative, modern solutions using cutting edge technology. We are driving organizational transformation and business strategy by empowering our technology team to innovate new and elegant solutions to enhance the customer experience. Together, we are leaning into the future, owning the outcome, and driving organizational change to transform how we work.
More about our unique benefit offerings here.
More about working at Wellmark here.
Job DescriptionAbout the Career: In this role, you will be crucial member of the security team that focuses on continuous monitoring of Wellmark’s environment. You will monitor and triage threats as well as provide technical analysis and insight in threat and vulnerability management, across multiple security disciplines such as networks, servers, desktops, applications, and databases. You are responsible for programming, supporting, and maintaining complex security systems, software programs and hardware devices. Under general guidance, you will collaborate with stakeholders across Technology to formulate, define, and implement procedures that are necessary to ensure the safety of information systems assets, protecting them from intentional or inadvertent access or destruction.
Our Ideal Candidate: You feel strong when you can remain calm and communicate essential information in tense situations. You build trusting relationships with your peers and can easily determine the best course to escalate items, quickly and efficiently. The ideal individual will have an aptitude and passion for creative problem solving across a diverse technology stack.
QualificationsRequired:
An Equal Opportunity EmployerThe policy of Wellmark Blue Cross Blue Shield is to recruit, hire, train and promote individuals in all job classifications without regard to race, color, religion, sex, national origin, age, veteran status, disability, sexual orientation, gender identity or any other characteristic protected by law.Applicants requiring a reasonable accommodation due to a disability at any stage of the employment application process should contact us at careers@wellmark.comPlease inform us if you meet the definition of a "Covered DoD official".
Why Wellmark Technology? Wellmark is building innovative, modern solutions using cutting edge technology. We are driving organizational transformation and business strategy by empowering our technology team to innovate new and elegant solutions to enhance the customer experience. Together, we are leaning into the future, owning the outcome, and driving organizational change to transform how we work.
More about our unique benefit offerings here.
More about working at Wellmark here.
Job DescriptionAbout the Career: In this role, you will be crucial member of the security team that focuses on continuous monitoring of Wellmark’s environment. You will monitor and triage threats as well as provide technical analysis and insight in threat and vulnerability management, across multiple security disciplines such as networks, servers, desktops, applications, and databases. You are responsible for programming, supporting, and maintaining complex security systems, software programs and hardware devices. Under general guidance, you will collaborate with stakeholders across Technology to formulate, define, and implement procedures that are necessary to ensure the safety of information systems assets, protecting them from intentional or inadvertent access or destruction.
Our Ideal Candidate: You feel strong when you can remain calm and communicate essential information in tense situations. You build trusting relationships with your peers and can easily determine the best course to escalate items, quickly and efficiently. The ideal individual will have an aptitude and passion for creative problem solving across a diverse technology stack.
QualificationsRequired:
- Bachelor's Degree or direct and applicable work experience
- Minimum 4 years’ experience working with a wide variety of technologies
- Within an IT environment
- At least 1 year of experience should be within in a role where IT security was a primary responsibility
- Knowledge of identifying and managing risk. Understanding of how business risk affects business strategy
- Proven ability to be analytical and think critically to obtain relevant information/identify essential elements, and examine issues or inconsistencies; further, identify causes and key factors; relate and compare data from different sources, and identify alternative solutions
- Demonstrated ability to communicate clearly, concisely, and transparently when in a stressful situation. Provide advice and council with stakeholders within the organization.
- Adept at viewing situations from the stakeholder’s perspective to better address their needs and expectations.
- Demonstrated ability to break down problems and identify all of their facets, including hidden or tricky aspects, to find root-cause of problems. Generate a range of solutions and courses of action with benefits, costs, and risks associated with each. Probe appropriate sources for answers, and think ‘outside the box’ to find options. Test proposed solutions against the reality of likely effects before going forward
- Ability to accomplish tasks and processes accurately and completely; detail oriented
- Ability to generate innovative solutions in work situations; tries different and novel ways to deal with work problems and opportunities
- Knowledge of report writing to meet business reporting needs
- Travel required up to 5%
- Bachelor's Degree
- 4 years’ experience with Linux, Windows (server and desktop)
- IT Certifications - Certified Information Systems Security Professional (CISSP) - (ISC)², Microsoft Certified Professional (MCP) – Microsoft, Security/Forensic specific certifications (SANS) - Global Information Assurance Certification (GIAC)
- Analyze and manage multiple security and/or access control models in a planned, conscious manner following defined security lifecycle. Measure and report on effectiveness of security controls to Corporate Information Security (CIS) leadership, as well as to team members, IT leadership and IT staff.
- Vulnerability Scanning Systems – Perform daily scanning of network, system, application and database assets across the enterprise. Reports results to InfoSec Engineers. Work with other IT teams as directed by the InfoSec Engineers or at the direction of CIS leadership.
- Firewall Rule Analysis System – Review firewall rules alerts and report identified risk to InfoSec Engineers.
- Security Configuration Hardening Processes – Work with InfoSec Engineers or at their direction with IT technical teams to ensure defined security configurations are applied across the enterprise. Review and recommend updates to security configurations as appropriate.
- Work with CIS leadership to interpret information security policies, standards, and other requirements as they relate to a specific internal information system, and make recommendations with the implementation of these and other information security requirements.
- Under direction of InfoSec Engineers or CIS Leadership serve as a representative of the security control structure; ensure key methodologies and concepts are applied and documentation in place to satisfy corporate, department, and internal and external auditor review. Solve complex security issues such as bypassed controls, disrupting security measures and technology changes; provides a continual balance of applied security safeguards and business usability.
- Evaluate information system bug reports, security exploit reports, laws and regulations, and other information security notices issued by information system vendors, government agencies, universities, professional associations, and other organizations, and as needed, makes recommendations to internal management and technical staff to take precautionary steps.
- Perform daily monitoring and analysis of host and network alerts from the data loss prevention product(s) and investigation outputs. Monitor and respond to data loss events and escalate when necessary. Engage with business contacts and IT to identify sensitive data and monitor for unauthorized disclosures.
- Maintain capabilities and solutions, or preventative/remediation controls to protect proprietary/confidential data and systems. Collaborate, partner and influence business stakeholders across Wellmark to identify and define their most sensitive data assets.
- Serve as an active member of the Security Incident Response Team (SIRT) and participates in security incident response efforts by, among other things, having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures. Respond to security incidents, and advises on risk remediation plans, provide - security reports to Corporate Information Security management team. Act as a technical consultant on information security incident investigations and forensic technical analysis.
- Maintain up-to-date detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Research and recommend new emerging technologies, techniques and tools that will add value to the organization.
- Perform ad-hoc penetration tests on Wellmark systems and applications and report found issues to leadership.
- Other duties as assigned.
An Equal Opportunity EmployerThe policy of Wellmark Blue Cross Blue Shield is to recruit, hire, train and promote individuals in all job classifications without regard to race, color, religion, sex, national origin, age, veteran status, disability, sexual orientation, gender identity or any other characteristic protected by law.Applicants requiring a reasonable accommodation due to a disability at any stage of the employment application process should contact us at careers@wellmark.comPlease inform us if you meet the definition of a "Covered DoD official".
Job Summary
JOB TYPE
Full Time
INDUSTRY
Insurance
SALARY
$78k-96k (estimate)
POST DATE
06/01/2024
EXPIRATION DATE
06/28/2024
WEBSITE
wellmark.com
HEADQUARTERS
DES MOINES, IA
SIZE
1,000 - 3,000
FOUNDED
1939
CEO
VIC MORALES
REVENUE
$1B - $3B
INDUSTRY
Insurance
Related Companies
Show more
Similar Jobs
Popular Articles
Top 10 Things to Avoid Putting on a Job Application
Read Article
How to Describe Your Education in a Resume
Read Article
How to Write a Memorable Cover Letter in 5 Ways
Read Article
4 Personal Finance Tips to Make During Job Transition
Read Article
4 Best Camera Setups for Interview
Read Article
Keeping a Job Search Journal: 9 Types of Journaling You Can Do
Read Article
