IT Director-Information Security Operations

With more than 7,000 employees, we are the largest health insurance company in Michigan. We offer an exciting work environment with a diverse group of employees. Our goal is to make health insurance easier for our members. We want to transform the industry and become a resource that people can trust.

Detroit, MI

Blue Cross Blue Shield of Michigan

When you think of <a href="" target="_blank" rel="noopener noreferrer">Blue Cross Blue Shield of Michigan</a> for health insurance, you can know you&rsquo;re getting much more. We're a company founded on a tradition of affordable, quality health care for everyone, improving the present and investing in the future.&nbsp;<br /><br />We offer:<br />Plans for employers and individuals that meet today&rsquo;s needs, budgets and lifestyle<br />The largest network of doctors and hospitals in the state<br />Lower health care costs Higher quality health care<br />Award-winning diversity practices<br />Grants and programs that promote better health throughout Michigan<br /><strong><br />Mission:&nbsp;</strong>We commit to being our members&rsquo; trusted partner by providing affordable, innovative products that improve their care and health.<br /><br /><a href="" target="_blank" rel="noopener noreferrer"><strong>Click here</strong></a> to learn more about our commitment to our Social Mission, view company updates and reviews, and view our awards &amp; accolades.<br /><br />For Application Timeline &amp; Selection Process:&nbsp;<a href="" target="_blank" rel="noopener noreferrer">Click Here</a>. Learn more about your options as an external candidate. <a href="" target="_blank" rel="noopener noreferrer">Click here</a> to view open positions.

keywords: position summary,position details,oversee,security,teamwork,talent acquisition,production,implementation,document,support,experience,knowledge,skills,degree,certification,goals


Competitive Total Compensation Package

Overview: The Director - Information Security Operations serves as the process owner for all operational activities that serve to protect the confidentiality, integrity, and availability of member, employee, and business information and systems in compliance with organization policies and standards, along with regulatory obligations. He/she leads a highly technically proficient team, provides strategic and operational direction, ensuring that objectives/metrics are achieved, managing risks appropriately, using organizational resources responsibly, and monitoring the success or failure of security operations including risk assessment/acceptance; vulnerability management; security event and threat monitoring and reporting; intrusion, malware and inappropriate use detection; effective implementation of policy, standards, and controls; and incident response.
Responsibilities: <ul> <li> <div>Implement, manage and operationalize a security event management program (e.g., Security Operations Center) to collect, store, and correlate, analyze and respond to security data derived from sensors (e.g., Intrusion Detection Systems/Intrusion Prevention Systems), logs, and incident reports. Create advanced content to detect emerging threats utilizing threat intelligence sources and discipline.&nbsp;</div> </li> <li> <div>Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary, and legal matters associated with such breaches as necessary.</div> </li> <li> <div>Serve as an internal information security consultant to the organization. Support enterprise architecture, system operations, and systems development, as required, to ensure information security policy, standards and controls are planned for and effectively implemented.</div> </li> <li> <div>Recruit, retain, develop and maintain a qualified team of security engineers/technicians, analysts, and vendors who safeguard the company&rsquo;s assets, intellectual property, and information systems.</div> </li> <li> <div>Direct and oversee the performance of risk assessments and network vulnerability assessments. The document, prioritize and manage all remediation recommendations and documents and manage exceptions. Direct and oversee the performance of application assessments to include both application risk and technical vulnerability assessments.</div> </li> <li> <div>Actively participate in strategy and budget planning activities and monitor performance relative to established goals and objectives.</div> </li> <li> <div>Conduct root causes analysis of real or suspected security incidents and identify the cause and recommended corrective actions.</div> </li> <li> <div>Collaborate with Governance, Risk, and Performance on the definition and execution of security training and awareness initiatives with a focus on identifying and correcting behaviors that contribute to poor security practices or increase the risk to information and systems.</div> </li> <li> <div>Provide and or contribute to the development of annual and ad-hoc information security evaluations and performance reports to be shared with the Information Security Working Group and other executive leadership, as required.&nbsp;</div> </li> <li> <div>Produce, collect and report on relevant existing and emerging information security threats in coordination with the threat intelligence and vulnerability management disciplines.</div> </li> </ul>
Requirements: <ul> <li> <div>Bachelor&rsquo;s or Master&rsquo;s degree in Computer Science, Information Systems, Engineering or related major</div> </li> <li> <div>CISSP, CCSP, CCNA, CCNP, CCIE Security, CCVP, MCSE certifications are preferred</div> </li> <li> <div>A minimum of ten (10) years of experience in Information Technology, Information Security/Risk or related field is required with five (5) years of management experience</div> </li> <li> <div>Solid experience with implementing information security and governance programs</div> </li> <li> <div>Proven track record of being results-oriented with the demonstrated achievement of meeting aggressive goals and tight timelines</div> </li> <li> <div>Demonstrated expertise in building a consensus across business partners and technology leaders and influencing successful outcomes</div> </li> <li> <div>Advanced analytical, organizational, verbal, written, communication, and presentation skills</div> </li> <li> <div>Knowledge of applicable laws, guidelines, or regulations as they relate to information technology.</div> </li> <li> <div>Strong leadership, coaching, and mentoring skills</div> </li> <li> <div>Proven presentation and facilitation skills</div> </li> <li> <div>Other related skills and/or abilities may be required to perform this job</div> </li> </ul> <div id="gtx-trans" style="position: absolute; left: -252px; top: 26px;">&nbsp;</div>