Senior Information Security Specialist (Applications Security)

CareFirst in

  • Industry: Information Technology - Others
  • Type: Full Time
position filled
Resp & Qualifications Reporting to the Manager, IT Security, the Senior Information Security Specialist is accountable for a variety of tasks and deliverables, as listed below. 1. SUPPORT: Support existing information security applications and infrastructure components. Work and collaborate other teams in the enterprise, or with customers (internal and external) on resolving access issues related to security functions, such as authentication, authorization, password management, account locks, user management, SSO/Federation, Role and Privilege assignments, etc. Work with the project managers to define realistic timelines for production issue resolutions. Troubleshoot issues across multiple applications and systems. Persist in fixing issues and supporting deployments during the maintenance window (around midnight). Apply creative thinking in problem solving and actively identifying opportunities for system improvements. 2. DEVELOPMENT: Develop code, scripts, and configuration/deployment instructions to implement designs and follow instruction of Lead team members. Use best practices and patterns to ensure delivery of an enterprise grade solution that is scalable, extensible, and configurable. Use SQL optimization techniques, parallel processing techniques, asynchronous transactions, and other enterprise grade patterns. Perform thorough unit testing, code validation, and troubleshooting. Work with other technical teams in the organization such as Data Architecture, Portal and Integration. Work with the project managers to define realistic timelines for solution delivery. Deliver solutions in a timely manner and according to the agreed upon schedule. May use any of the following skills sets including: IBM TIM administration and workflow development, TAM administration and configuration, TFIM administration and configuration, LDAP, Unix, Active Directory, Java, EJB, JSP, JDBC, JMS, Kerberos, PKI, XML, WSDL, Web Services, Ant, Spring Framework. 3. DESIGN AND DOCUMENT: Participate in brainstorming sessions for interpreting technical requirements into security solutions and designs that are consistent with the current information security architecture. Create detailed documents using UML and similar diagraming methods, to be shared within and outside the team. Documents include code commenting, descriptions of interfaces, instructions for deployments and configurations This position is also subject to being "on call" for emergency situations requiring immediate resolution . Solid knowledge of information security systems including Access Management, Identity Management, LDAP, Role Based Access Control, HTTP Headers and Cookies, Encryption, SSL, Certificates, etc. Experienced in Web Services code development and testing, Object Oriented Design and coding methods, agile development, deployment scripting with tools like ANT or Perl, TDI scripting, and logging methods. Experienced in programming for relational databases, including SQL for DML, DDL and Queries. Familiar with communications protocols such as HTTP, TCP/IP, JMS, SSL, etc. Experienced with large and complex systems and the use of Software Development Lifecycle Methodology. Knowledgeable in secure coding standards and security patterns for application and data level security. Must be a fast learner and a commitment to personal growth in the domain of Information Security. Must have experience researching and introducing new technologies. Experience in coaching and mentoring other associates as well as leading small teams of peers. Strong oral and written communications abilities are necessary, as are excellent interpersonal skills for customer interfacing. Strong analytical and organizational skills. Skilled in Microsoft Office suite: Outlook, Word, Excel, Power Point Preferred: MS in Computer Science. Experience with some or all of the following: Unix, Linux, Tibco, WebSphere administration and tuning, Web Services Security, Oracle database administration, Firewalls, Intrusion Preventions Systems, and similar security devices. Performing Static and Dynamic Application Security Testing using HP Fortify SCA, Web Inspect, IBM AppScan Standard, Enterprise, ASOC, CheckMarx, IBM AppScan Source for Analysis and Synopsys Coverity. Assisting developers with writing Secure Code in the IDE (Eclipse, IntelliJ and Visual Studio) Knowledge of OWASP Top Ten Integrating Static, Dynamic and Interactive Application Security Testing into CI/CD build and deploy pipelines. Performing Vulnerability Issue validation, triaging, reporting and prioritization. Building Application Security KPI Dashboards Securing Source and Artifact Repositories which mitigate use of insecure code Implementing risk mitigation connected to use of 3rd Party / Open Source Libraries Prescribing Application Security Requirements to development teams. LI-CS1 Department Department: Application and Data Engineering Equal Employment Opportunity CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of theCompany to provide equal employment opportunities to allqualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. Hire Range Disclaimer Actual salary will be based on relevant job experience and work history. Where To Apply Please visit our website to apply: www.carefirst.com/careers Closing Date Please apply before: 12/23/19 Federal Disc/Physical Demand Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs. PHYSICAL DEMANDS: The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted. Sponsorship in US Must be eligible to work in the U.S. without Sponsorship Featured Job Yes - provided by Dice

You may be interested in these similar jobs!
Systems Engineer
ManTech in Omaha, NE

Job Duties and Responsibilities Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions gro…

Read More
Senior Program Manager
Intevac in Santa Clara, CA

Senior Program Manager This position manages all aspects of classified (SECRET, Special Access Program) Government contracts for the development of m…

Read More
Senior Telecommunications Analyst
ManTech in Omaha, NE

Job Duties and Responsibilities: Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions g…

Read More
Senior Information Security Specialist (St. Louis, MO; telecommuter)
US Bank in Saint Louis, MO

U.S. Bank is seeking a Senior Information Security Specialist with demonstrated competence and visionary leadership experience to to join our Informa…

Read More
Senior Information Security Specialist (St. Louis, MO; telecommuter)
U.S. Bank in Saint Louis, MO

U.S. Bank is seeking a Senior Information Security Specialist with demonstrated competence and visionary leadership experience to to join our Informa…

Read More
Information Security Engineer
sunrise systems in New York, NY

Role: Senior Information Security SpecialistLocation: NYC, NY 10004Duration: 6+ Months Contract to Hire // Permanent Senior Information Security Spec…

Read More
SAP Applications Security Specialist
Yoh in Kansas City, MO

SAP Applications Security Specialistneeded for a full time opportunity with Yoh?s client located in Kansas City, MO**Will offer H1B sponsorhip and re…

Read More
Cyber Security Specialist, Senior
AM in Martinsburg, NY

Overview Applied Memetics LLC is seeking an experienced, motivated Cyber Security Specialist, Senior,? to support our VA customer. The Comput…

Read More
Information Security Specialist - St. Paul, MN or St. Louis, MO
U.S. Bank in Saint Louis, MO

At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, were…

Read More
Senior Cloud Security Specialist (Risk and Compliance)
Nestl in Saint Louis, MO

Job Description Information Technology at Nestl? is a worldwide organization delivering innovative technology and digital solutions that enable …

Read More
Senior Cloud Security Consultant
Synopsys in New York, NY

Business TitleSenior Cloud Security Consultant22-Aug-2019Requisition Number21397BRJob Description and RequirementsSynopsys is looking for a full-time…

Read More
Sr. Application Engineer
N Tier Solutions in Charlotte, NC

Senior Application Engineer; one position located in Atlanta GA; one position located in either Raleigh, Greensboro, or Charlotte, NC; Candidate must…

Read More
Senior IT Security Engineer
Pierce Technology Corporation in New York, NY

Please send all resumes to Senior IT Security Engineer NYC Long-term contract (option to hire) Will serve as a technical and operational mentor to…

Read More
Security Systems Technician II
IES Communications, LLC in salt lake city, UT

Job Summary: The Security Systems Technician II must possess the ability to program and install security systems (Card Access, CCTV, CATV and Intrusi…

Read More
Assistant Professor, Computer Science (2 positions)
University of Illinois Springfield in 1 University Plaza, MC UHB 3000, IL

Tenure Track Assistant Professor of Computer Science (Two Positions) The Computer Science Department at the University of Illinois Springfield (UIS) …

Read More