Information Security Analyst

The Information Security Infrastructure Analyst is responsible for working with the information security team to secure the organization's technology, ensuring the integrity, availability, and confidentiality of critical systems. This role involves maintaining and troubleshooting security tools and promoting security best practices. This position works closely with other security engineers, IT teams, and business units to enforce security policies, respond to incidents, and support compliance with regulatory requirements.

• This position will be hired at the Infrastructure Analyst, Infrastructure Administrator, System Administrator, or Senior System Administrator level.

** This position is eligible to work hybrid (9 or more days a month onsite) in accordance with our Telecommuting Policy. Applicants must reside in Kansas or Missouri or be willing to relocate as a condition of employment.

• Family Comes First: Total rewards package that promotes the idea of family first for all employees.
• Professional Growth Opportunities: Advance your career with ongoing training and development programs.
• Dynamic Work Environment: Collaborate with a team of passionate and driven individuals.
• Inclusive Work Environment: We pride ourselves on fostering a diverse and inclusive workplace where everyone is valued and respected.

• Blue Cross and Blue Shield of Kansas offers excellent competitive compensation with the goal of retaining and growing talented team members. The salary range for this role is a good faith estimate, it is estimated based on what a successful candidate might be paid. All offers presented to candidates are carefully reviewed to ensure fair, equitable pay by offering competitive salaries that align with the individual's skills, education, experience, and training. The range may vary above or below the stated amounts.

• Learn and implement system security best practices for information security controls. Refine, recommend and maintain playbooks, policies, procedures and guidelines, and align with industry best practices.
• Learn techniques for proper access control and security compliance promoting minimum necessary principles.
• Document system configurations, troubleshooting procedures, and other relevant information for team use.
• Respond to system alerts and perform root cause analysis on issues to prevent recurrence.
• Participate in incidents including, but not limited to, ransomware, host compromise, credential and account compromise, phishing, internal threats, third parties, and data leakage.
• Participate in monitoring internal and external events and stay tightly aligned with infrastructure, third-party, hosted, on-premises and end-user systems.
• Use automation to efficiently streamline actions when possible but use human analysis for actionable decision-making.
• Review technical reports from vulnerability and penetration testing assessments, as well as results from tabletop exercises to information security control improvements.
• Must be accessible via mobile services (i.e. text, voice, data) during non-working hours for upgrades, system outages, and configuration changes.

• Ability to follow Project Management practices for implementing projects and changes.
• Ability maintaining technical documentation and designing procedures for new technology.
• Capable of preparing system charts, workflow diagrams, and cost-benefit analysis summaries.
• Skilled in managing multiple tasks or projects simultaneously.
• Proficient with Windows tools and applications, including standard office software (e.g., Microsoft Office).
• General knowledge of infrastructure architecture (database, messaging, security, OS, networks, storage, business continuity/disaster recovery).
• Ability to evaluate infrastructure processes and conduct gap analysis.

• Bachelor’s degree with at least 12 hours of college credits relate to Computer Science.

• Demonstrated experience with managing and analyzing indicators related to malicious activity preferred.
• Familiarity with cloud security (AWS, Azure, or GCP) preferred.

• Base compensation is only one component of your competitive Total Rewards package
  • Incentive pay program (EPIP)
  • Health/Vision/Dental insurance
  • 6 weeks paid parental leave for new mothers and fathers
  • Fertility/Adoption assistance
  • 2 weeks paid caregiver leave
  • 5% 401(k) plan matching
  • Tuition reimbursement
  • Health & fitness benefits, discounts and resources