Info Security Analyst I

With more than 7,000 employees, we are the largest health insurance company in Michigan. We offer an exciting work environment with a diverse group of employees. Our goal is to make health insurance easier for our members. We want to transform the industry and become a resource that people can trust.

Detroit, MI

Blue Cross Blue Shield of Michigan

When you think of <a href="https://www.bcbsm.com/" target="_blank" rel="noopener noreferrer">Blue Cross Blue Shield of Michigan</a> for health insurance, you can know you&rsquo;re getting much more. We're a company founded on a tradition of affordable, quality health care for everyone, improving the present and investing in the future.&nbsp;<br /><br />We offer:<br />Plans for employers and individuals that meet today&rsquo;s needs, budgets and lifestyle<br />The largest network of doctors and hospitals in the state<br />Lower health care costs Higher quality health care<br />Award-winning diversity practices<br />Grants and programs that promote better health throughout Michigan<br /><strong><br />Mission:&nbsp;</strong>We commit to being our members&rsquo; trusted partner by providing affordable, innovative products that improve their care and health.<br /><br /><a href="http://www.bcbsm.com/index/about-us/our-company.html" target="_blank" rel="noopener noreferrer"><strong>Click here</strong></a> to learn more about our commitment to our Social Mission, view company updates and reviews, and view our awards &amp; accolades.<br /><br />For Application Timeline &amp; Selection Process:&nbsp;<a href="https://s3.amazonaws.com/data.vizirecruiter.com/Images/BCBSMCareers+-+Quick+Reference+Guide.pdf" target="_blank" rel="noopener noreferrer">Click Here</a>. Learn more about your options as an external candidate. <a href="https://ejko.fa.us2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_3/requisitions" target="_blank" title="BCBSM" rel="noopener noreferrer">Click here</a> to view open positions. http://www.bcbsm.com

keywords: summary,security,support,teamwork,quality assurance,performance,check,experience,knowledge,skills,design,degree,professional

Full-Time

Competitive Total Compensation Package

Overview: <p>Plan, execute information security initiatives for one functional area related to risk management, mitigation and response, compliance, control assurance, and user awareness. Assist in developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-consultative services to the organization.</p>
Responsibilities: <ul> <li>Propose improvements and assist in the implementation of enterprise-wide security policies, procedures and standards to meet compliance responsibilities.&nbsp; Track changes to security policies, procedures, standards and system configurations.&nbsp; Monitor compliance with security policies, standards, guidelines and procedures.&nbsp; Ensure security compliance with legal and regulatory standards.</li> <li>Participate with team(s) to gather a full understanding of project scope and business requirements.&nbsp; Maintain awareness of current business processes and their security risks.</li> <li>Assist in business impact analysis to ensure resources are adequately protected with proper security measures.&nbsp; Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.</li> <li>Run security analysis reports using commercial tools or custom scripts and documents gaps.&nbsp; Update and maintain documentation for a global risk framework (a single view of the information security risk profiles and tolerance.).&nbsp; Capture, maintain, and monitor information security risk in one repository.</li> <li>Check existing accounts and data access permission requests against documented authorizations.&nbsp; Gather, organize, and maintain data for reporting.</li> <li>Assist/perform in security assessments and performs security attestations.&nbsp; Inspect security logs to uncover possible security violations (e.g., break-ins, unauthorized activity).&nbsp; Check existing accounts and data access permission requests against documented authorizations.&nbsp; Support the coordination of all IT internal and external assessment components.</li> <li>Perform security monitoring and reporting, analyze security alerts and escalate security alerts to local support teams.</li> <li>Participate in recovery drills.&nbsp; Provide security support for application- and infrastructure-related projects to ensure that security issues are addressed throughout the project life cycle.&nbsp; Provide responsive support for problems found during normal working hours as well as outside normal working hours.</li> <li>Resolve problems and assists with security incident handling.&nbsp; Respond to security incidents and assists in forensic investigations.</li> <li>Gather and track information security metrics.&nbsp; Generate adhoc and routine reports.</li> <li>Assist in application security risk assessments for new or updated internal or third party applications.&nbsp; Assist in the evaluation and recommendation for tools and solutions that provide security functions.</li> <li>Provide updates and status of issues to information security teams.&nbsp;</li> </ul>
Requirements: <ul> <li>Bachelor&rsquo;s degree in computer-related field preferred.</li> <li>One (1) year of IT work experience required.</li> <li>Knowledge and familiarity with security frameworks (e.g. HITRUST) preferred.</li> <li>Strong analytical, problem solving and consulting skills with knowledge of Information Security and related technologies.&nbsp;</li> <li>Accuracy and attention to detail skills.</li> <li>Written and verbal communication skills.</li> <li>Ability to work independently, or within a team environment.</li> <li>Other related skills and/or abilities may be required to perform this job.</li> </ul> <ul> <li>Experience developing, modifying, and maintaining Splunk apps and add-on apps including creating dashboards and metrics with a strong understanding of SPL and Visualizations components</li> <li>Splunk design experience with tokens, XML, CSS, Regex, Tokens, JavaScript&nbsp;&nbsp;</li> <li>Working knowledge of HITRUST and other frameworks and Best Practices&nbsp;&nbsp;</li> <li>Ability to explain complex technical topics to Security and IT leadership&nbsp;</li> </ul>