Conduct complex risk analysis of the technical and non-technical processes that support new and existing BCBSA environments, ensuring that actionable and effective controls are in place and implemented. Examples include Risk Analysis (RA) and Risk Mitigation (RM); Vulnerability Assessments; and Preparedness Assessments.
Manage company-wide response of complex information security and/or disaster incidents. Activities include partnering with senior management to prepare the BCBSA enterprise to respond effectively to an incident, including appropriate use of simulation exercises and testing, as well as creation of supporting documentation.
Establish and maintain documentation to: mitigate risk, demonstrate HIPAA security compliance, and ensure rapid response/recovery following disruptions to essential BCBSA processes. Examples include the BCBSA Business Continuity Plan, Business Impact Analysis (BIA), comprehensive Risk Analysis (RA), and BCBSA Security Policies, Procedures, and Standards.
Assist the Director, Business Protection Services in addressing other activities such as strategic planning, IT audit compliance, and budget preparation.
Required Basic Qualifications:
A Bachelor’s degree in computer science, information management, engineering or related field, or equivalent work experience
A minimum of 7 years’ experience in similar or progressively responsible position in information security and/or business continuity/disaster recovery
ServiceNow GRC module and implementation expertise
3rd Party risk management expertise
Preferred Basic Qualifications:
Experience within health care insurance or financial services industry
Experience in interfacing with senior management and corporate committees and workgroups to communicate business information security and/or continuity/disaster recovery related concepts to a broad range of technical and non-technical staff
Excellent communication (written and verbal) and facilitation skills
Demonstrated skill as a consensus builder with a business-based attitude, results-oriented and commitment-focused
A strong knowledge of the business environment, information systems portfolio, and operational infrastructure
CISSP, CISM, or CBCP
Equal Opportunity Employer
Blue Cross Blue Shield Association is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, disability, veteran status, genetic information or any other legally protected characteristics
Additional Salary Information: performance bonus up 8%
Internal Number: 2020-3428
About Blue Cross Blue Shield Association
As the association representing our 36 BCBS companies, the Blue Cross Blue Shield Association (BCBSA) provides a strong foundation of national leadership with industry colleagues, government officials, the media and the public. BCBSA employees work in our offices in Chicago and Washington, D.C.