Icon hamburger
Briefcase

Create Job Alert.

Enter your email below to save this search and receive job recommendations for similar positions.
Thank you. We'll send jobs matching these to
No Thanks
US
What job do you want?

Create Job Alert.

Get similar jobs sent to your email

Apply to this job.
Think you're the perfect candidate?
Apply on company site

You’re being taken to an external site to apply.

Create an account to get recommended jobs that match your resume and apply to multiple jobs in seconds!
On the next page, you'll build a resume in 3 steps thanks to our AI technology
8-15 characters
Contains Number
Contains Lowercase
Contains Uppercase
Contains Special Character
Thumsup

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.

You can apply faster when you're registered.

20a9a4301fb477d3f5fdec6f00a5c424

Cyber Security Specialist (F5 Load Balancer)

CareFirst BlueCross BlueShield Washington, DC Full-Time
Apply on company site

Create Job Alert.

Get similar jobs sent to your email

Resp & Qualifications

PRINCIPAL ACCOUNTABILITIES:
Under the supervision of the Manager, Information Security or Senior / Lead Cyber Security Specialists, the incumbent’s accountabilities include, but are not limited to the following:

1. Maintain the F5 security tool for load balancing and application security. Configure and customize the Application Security Manager (ASM) and Local Traffic Manager (LTM) F5 tools to prevent all secruity threats in an ever changing environment.  Integrate F5 with other tools to provide automated monitoring and alerting on system health.  Plan and design the future roadmap of the F5 tool, and perform periodic system upgrades to the F5.

• Support and deploy systems, information security applications and hardware, and infrastructure components to protect the security of CareFirst information. 
• Provide appropriate training to other security specialists and external customers on developed standards, procedures and guidelines.
• Implement necessary enhancements/updates/upgrades to existing security products.
• Assist in the configuration and installation of security products. Where possible, suggesting and implementing possibilities to automate manual operational activities.
• Represent Information Security in disaster recovery procedures and exercises.
• Test and report on new technologies and reporting security concerns through the creation of security vulnerability assessments.
• Review and approve ACL / firewall change requests.  Perform periodic compliance reviews of firewall configurations.
• Design, implement, and integrate security solutions to address enterprise risks and exposures.
• Design and implement security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure.

2.
Apply technology and processes to ensure the enterprise is protected and secured in the following areas:
• Identity and access management
• Provide data protection (through the use of technologies such as whole disk encryption, end-to-end e-mail security, public and private key management, data leakage prevention, web applications and source code security, database security, etc.)
• Network devices and infrastructure, desktop/mobile devices and remote access to the network,
• Information governance to ensure data is managed based on its sensitivity.
• Perform day-to-day maintenance and addressing issues and problems associated with security tools.
• Provide general support to the Information Security department in carrying out its’ assigned functions and responsibilities.
• Provide off-hours support and problem resolution as directed by departmental requirements, service level agreements and internal support procedures.
• Interact with other Technical and Operation Support Service teams to develop tactical and strategic programs to address processes, controls, organization and infrastructure to manage information security related concerns and satisfy directives.

3.
• Assist with reviews of current and new CareFirst systems and applications, including changes to existing applications/systems, to assure compliance with Information Security policies and standards.
• Apply creative thinking in problem solving and identifying opportunities for improvements in security.
• Utilize IDS/IPS systems, SIEM (Security Incident and Event Management) tools and network scanners to review, assess, and document incidents and vulnerabilities to improve security.
• Collaborate with other Cyber Security specialists, designers, developers, and architects. 
• Work with other technical teams in the organization such as IT Operations and IT Applications. 
• Share ideas, discuss alternatives, and seek input.  Suggest means to decrease vulnerability of systems, applications and processes.
• Maintain familiarity with state of the art concepts, procedures, software and techniques in Information Security in order to be able to effectively assess and develop the CareFirst Information Security environment.

QUALIFICATION REQUIREMENTS:

Required: 
College Degree in an Information Security or Technology related field or equivalent experience plus 1 to 3 years related work experience.   The incumbent will possess a basic aptitude in information security concepts, information security policies and system architecture concepts and have experience in process definition, workflow design, and process mapping.  A basic understanding in multiple areas of Information Security such as networking (TCP/IP, OSI model, network protocols), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, switches, routers, IPSEC, IDS/IPS, etc.), voice technologies (session border controllers, MPLS, VOIP, etc.), authentication technologies, (TACACS, RADIUS, etc.), wireless architectures, encryption key management, and mobile device technologies.  The incumbent must also have an ability to quickly and effectively learn Information Security tools in a large, complex multi-platform environment.

Abilities/Skills (candidate will possess some of these):
• Ability to identify and resolve complex issues and develop security solutions to meet CareFirst’s business and technology goals.
• Strong written documentation skills and technical writing are required.
• Excellent presentation and verbal communication skills.
• Ability to effectively complete tasks with under some supervision.
• Strong computer skills, including knowledge of Microsoft Windows,  various e-mail systems (Lotus Notes, Microsoft Exchange) and unified communication systems (Office Communication Server).
• Possess a high level understanding of some of the following systems/skill sets:
o IBM Tivoli administration and configuration
o System hardening concepts and techniques
o Checkpoint technologies
o Network and remote access controls
o LDAP, Unix, Active Directory, Java, EJB, JSP, JDBC, JMS, Kerboros, PKI, XML, WSDL, Web Services, Ant, and Spring Framework
o Unix, Linux, Web application servers (WebSphere, Apache)
o Virtualization technologies (VMware, VLANS, Hypervisors)
o Encryption technologies and key management
o Web application servers
o F5 LTMs / ASMs
o Web application and IP firewalls
• Familiarity with access control methodologies (MAC, DAC. RBAC)

Preferred:
• Specific knowledge of the CareFirst corporate structure.
• An understanding of the relationships among various units within the corporation.
• Ability to understand and apply appropriate policies and procedures.
• Basic understanding of SIEM tools and system log analysis.
• Knowledge of ethical hacking techniques and counter attack methodologies.
• Familiarity with security tools such as wireless and network scanning applications, vulnerability assessment applications and concepts, IDS/IPS and other appropriate security related tools and capabilities.
• Some experience working with Information Security tools in a large, complex, multi-platform environment.

Any technical certifications is a plus – such as Network+, Security+, A+, CISSP, ITIL, and others


#LI-CS1

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Closing Date

Please apply before: 6/14/2020

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.

PHYSICAL DEMANDS:

The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

 

Recommended skills

Application Security
Information Security
Encryption
Authentications
Access Controls
Disaster Recovery
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Job ID: 13531-1A

CAREERBUILDER TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.