Information Security Sr Advisor (Application Security)

Description:

Description

SHIFT: Day Job

SCHEDULE: Full-time

Be part of an extraordinary team.

We are looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. You will thrive in a complex and collaborative environment where you take action and ownership to solve problems and lead change. Do you want to be part of a larger purpose and an evolving, high-performance culture that empowers you to make an impact?

Preferred Location: Richmond, VA | Norfolk, VA | Indianapolis, IN | Mason, OH | Atlanta, GA

Essential duties to include, but are not limited to:

• Develops, recommends, and implements enterprise information security policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
• Responsible for the selection and delivery of strategic network security, access control and secure transaction/messaging solutions.
• Leads system and network architecture support for information and network security technologies; leads development and execution of risk assessment methodologies to fit business, regulatory, and technical environment considerations; leads the development of requirements, system architecture, and software design of security products and services; leads the development of strategies for discovery, evaluation and response to new networking attacks; develops security incident response plans and strategies.
• Provides trouble resolution and serves as point of technical escalation on complex problems.
• Creates presentations and seeks IT management approval and acceptance of significant replacements or reconfigurations of major security systems serving the Enterprise.
• Sets vendor strategy and direction.
• May be assigned to project teams for technical consultation to business partners and developers.
• Designs & engineers comprehensive access management and network security technical solutions based on business requirements and defined technology standards; works with architecture to update technology direction & strategy.
• Develops reports supporting strategy and direction for management.
• Capable of serving as technical merger & acquisition lead.
• Acts as a subject matter expert among peers, with manager and senior management.
• Must be capable of providing top-tier support for 5 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.

Qualifications

Minimum Qualifications:

• Requires BS/BA in information Technology or related field of study and a minimum of 8 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; requires broad-based experience to plan and design highly complex systems; or any combination of education and experience, which would provide an equivalent background.

Preferred Skills:

• Ability to drive security business project efforts and keep the delivery on track (project management skillset).
• Experience with SAST & DAST Scanning Tools
• Experience with ServiceNow, Jira, Confluence
• Advanced knowledge and understanding of industry-accepted controls and concepts as applied to access management and network security technologies, hardware, software, data, network communications, and people.
• Security Policy, HITRUST and NIST Security Frameworks ( 800-171, 800-53 and Cybersecurity )
• Security Certifications: CISSP, CEH, CSSLP and other advanced technical security certifications preferred.
• Application security experience preferred.
• Strategic vision for security, ability to identify weaknesses and develop remediation plans and strategies.
• Health care industry experience preferred.
• Experience with Checkmarx and SNYK.
• Experience with Qualys DAST Scans.
• Secure coding experience with .NET, JAVA, Pega.
• Experience with API security.
• PMP Certification.

We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.

The health of our associates and communities is a top priority for Anthem. We require all new candidates to become vaccinated against COVID-19. If you are not vaccinated, your offer will be rescinded unless you provide – and Anthem approves – a valid religious or medical explanation as to why you are not able to get vaccinated that Anthem is able to reasonably accommodate. Anthem will also follow all relevant federal, state and local laws.

Anthem, Inc. has been named as a Fortune Great Place To Work in 2021, is ranked as one of the 2021 World’s Most Admired Companies among health insurers by Fortune magazine, and a Top 20 Fortune 500 Companies on Diversity and Inclusion. To learn more about our company and apply, please visit us at careers.antheminc.com. Anthem is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact [email protected] for assistance.

Req #: PS70609