Information Security Analyst I

With more than 7,000 employees, we are the largest health insurance company in Michigan. We offer an exciting work environment with a diverse group of employees. Our goal is to make health insurance easier for our members. We want to transform the industry and become a resource that people can trust.

Detroit, MI

Blue Cross Blue Shield of Michigan

When you think of <a href="https://www.bcbsm.com/" target="_blank" rel="noopener noreferrer">Blue Cross Blue Shield of Michigan</a> for health insurance, you can know you&rsquo;re getting much more. We're a company founded on a tradition of affordable, quality health care for everyone, improving the present and investing in the future.<br /><br />We offer:<br />Plans for employers and individuals that meet today&rsquo;s needs, budgets and lifestyle<br />The largest network of doctors and hospitals in the state<br />Lower health care costs Higher quality health care<br />Award-winning diversity practices<br />Grants and programs that promote better health throughout Michigan<br /><strong><br />Mission:&nbsp;</strong>We commit to being our members&rsquo; trusted partner by providing affordable, innovative products that improve their care and health.<br /><br /><a href="http://www.bcbsm.com/index/about-us/our-company.html" target="_blank" rel="noopener noreferrer"><strong>Click here</strong></a> to learn more about our commitment to our Social Mission, view company updates and reviews, and view our awards &amp; accolades.<br /><br />Learn more about your options as an external candidate. <a href="https://bcbsm.taleo.net/careersection/2/jobsearch.ftl?lang=en" target="_blank" rel="noopener noreferrer">Click here</a> to view open positions. http://www.bcbsm.com

keywords: planning,support,security,support,provide,teamwork,quality assurance,performance,communication,skills,degree,experience,communication,knowledge

Full-time

Competitive Compensation and Benefits Package

Overview: Plan, execute information security initiatives for one functional area related to risk management, mitigation and response, compliance, control assurance, and user awareness. Assist in developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-consultative services to the organization.
Responsibilities: <ul> <li>Propose improvements and assist in the implementation of enterprise-wide security policies, procedures and standards to meet compliance responsibilities. Track changes to security policies, procedures, standards and system configurations. Monitor compliance with security policies, standards, guidelines and procedures. Ensure security compliance with legal and regulatory standards.</li> <li>Participate with team(s) to gather a full understanding of project scope and business requirements. Maintain awareness of current business processes and their security risks.</li> <li>Assist in business impact analysis to ensure resources are adequately protected with proper security measures. Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.</li> <li>Run security analysis reports using commercial tools or custom scripts and documents gaps. Update and maintain documentation for a global risk framework (a single view of the information security risk profiles and tolerance.). Capture, maintain, and monitor information security risk in one repository.</li> <li>Check existing accounts and data access permission requests against documented authorizations. Gather, organize, and maintain data for reporting.</li> <li>Assist/perform in security assessments and performs security attestations. Inspect security logs to uncover possible security violations (e.g., break-ins, unauthorized activity). Check existing accounts and data access permission requests against documented authorizations. Support the coordination of all IT internal and external assessment components.</li> <li>Perform security monitoring and reporting, analyze security alerts and escalate security alerts to local support teams.</li> <li>Participate in recovery drills. Provide security support for application- and infrastructure-related projects to ensure that security issues are addressed throughout the project life cycle. Provide responsive support for problems found during normal working hours as well as outside normal working hours.</li> <li>Resolve problems and assists with security incident handling. Respond to security incidents and assists in forensic investigations.</li> <li>Gather and track information security metrics. Generate adhoc and routine reports.</li> <li>Assist in application security risk assessments for new or updated internal or third party applications. Assist in the evaluation and recommendation for tools and solutions that provide security functions.</li> <li>Provide updates and status of issues to information security</li> </ul>
Requirements: <ul><li>Bachelor’s degree in computer related field preferred. </li><li>One (1) year of IT work experience required. </li><li>Knowledge and familiarity with security frameworks (e.g. HITRUST) preferred. </li><li>Strong analytical, problem solving and consulting skills with knowledge of Information Security and related technologies. </li><li>Accuracy and attention to detail skills. </li><li>Written and verbal communication skills. </li><li>Ability to work independently, or within a team environment. </li><li>Other related skills and/or abilities may be required to perform this job. </li></ul>