Skip to content

This website works best using cookies which are currently disabled.Cookie policy  Allow cookies
JobServe
 

Atlanta, Georgia - USD Full Time Posted: Friday, 8 November 2019
 
 
Company Overview At NASCO, were more than a company. Were a community of healthcare technology innovators driven by a shared purpose to create digital health technologies that enable Blue Cross and Blue Shield Plans to deliver great service to their members and win in their markets. Our company is growing, and our digital health portfolio continues to expand, with solutions ranging from Back Office to blockchain. Were seeking expert talent to join us in our pursuit of developing new innovative technologies and continuing to support our customers. NASCO is continually recognized for innovative workplace practices that enable our associates to be successful at work and at home. For eight straight years, NASCO has been recognized as a Top Workplace by The Atlanta-Journal Constitution. Were more than company were a community. Join us today. Overview Do you enjoy influencing others, greenfield opportunities, working in a participative, empowered environment where you are continually learning and being challenged by the work that you do? If so, this may be the job for you! The Senior Architect, Information Security, is primarily responsible for shaping security innovation and playing a key role in the evolution of NASCOs Enterprise Architecture and Security functions. You will provide thought leadership and architecture guidance across a wide range of technologies and business initiatives.

You will establish Information Security Standards, Technologies, Patterns, Reference Architectures and Best Practices and ensure their adoption across all Product and Corporate solutions. This includes advising and guiding the business and delivery teams in the planning, design and implementation of all solutions. You will report to the Chief Information Security Officer (CISO) and work as part of a matrixed IT organization to help bridge the gaps between Business Leadership, Risk Management and IT Delivery in terms of Information Security Architecture and Technology.
Responsibilities Essential Roles and Responsibilities:
  • Develops Security architecture strategies for NASCO in the form of standards, frameworks and guidelines, with the emphasis on Infrastructure security
  • Serves as primary information security interface to collaborate with business representatives, systems development and business users for establishing business requirements, information security functional requirements, security solution options and implementation plans.
  • Advises and contributes to strategies and initiatives to strengthen NASCOs Security Program which is identified as part of NASCOs Information Security Practice or HITRUST corporate compliance
  • Provides security controls, processes and technical advisory support to business units and projects by working cross-functionally to develop and implement strategies that balance security recommendations with business needs.
  • Provides mentoring and technical leadership to the Information Security team
  • Acts as Subject Matter Expert and provide third-level support and analysis during and after security events
  • Performs other duties as assigned by manager.
Additional Roles and Responsibilities
  • Assists CISO and Director, Security Operations with information security vendor assessments, security attestations, re-certifications, audits, risk assessments, testing coordination, or investigations, as required.
Qualifications Required Knowledge, Skills, Abilities and Experience:
  • Minimum 5 - 8 years of experience in enterprise security architecture role
  • Minimum 10 years of IT infrastructure architecture and/or operations experience
  • Minimum 4 -5 years of experience in Large Scale System design (ERP, Custom, etc) and implementation.
  • At least 3 years of experience with commercial and open source security applications and technologies (eg malware prevention, DLP, IDS/IDP, cryptography, vulnerability scanning and penetration testing), as well as related protocols and tools (eg SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.)
  • At least 3 years of experience performing network and application security penetration testing and/or threat assessments
  • Understanding of HITRUST or similar framework, such as ISO, COBIT, COSO, NIST.
  • Broad-based knowledge of information security processes and technologies such as: business process design, risk assessment, minimum baseline security controls (*nix, Windows, network protocols, common services), data classification and management, security monitoring and log analysis, incident management, network protocols, application and database architectures, SDLC, system planning and integration, and security metrics.
  • Working knowledge of technologies such as operating systems, directory services and network protocols.
  • Knowledge of database applications, spread sheet design, and report writing software.
  • Advanced written and verbal communications skills.
  • Ability to accomplish service goals, objectives and metrics consistent with Information Security Department strategic plans and business service level agreements.
  • Ability to resolve business security conflicts taking into consideration policy, risk and business needs.
  • Ability to perform trade-off and risk analysis and if necessary, process and manage exceptions to achieve business needs.
Required Training and Education:
  • Bachelors degree in computer science, information systems, engineering, a related field or equivalent work experience
Desired Training and Education:
  • Master degree in computer science, information systems, engineering, business administration or a related field
  • Certifications preferred: CISSP, CCNA, CCENT, CCNP, GSEC, MCSA, CISM
NASCO is a Minority/Female/Disability/Vet/Affirmative Action Employer.

Atlanta, Georgia, United States of America
IT
USD
National Account Service Company, LLC
National Account Service Company, LLC
JS2365_837B128EC185683B678B3E4775807739/780185843
11/8/2019 11:58:14 AM

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.