Anthem Inc. Jobs

Description

SHIFT: Day Job

SCHEDULE: Full-time

Location: Atlanta, GA on-site.

Your innovation. Our impact. At Anthem, Inc., it’s a powerful combination, and the foundation upon which we’re creating greater access to care for our members, greater health for our communities, and greater experiences for our customers. Innovation is a top priority. Here, you’ll have an opportunity to work in a collaborative environment that brings together industry leaders and technology experts, so together we can drive the future of health care.

As a Cloud Security Advisor you will combine your strong cloud background OR diverse experience within cloud platform and application security to provide cloud systems security solutions expertise in an advisory capacity. Familiarity with NetSkope platform and its CASB capabilities are a plus.

Help establish, validate and monitor Cloud Security Controls, deliver security guidance and consults, and share input considerations that can evolve security compliance, adherence to technical requirements methodology, program capabilities and focused maturity for the following areas:

• Visibility Cloud services are provisioned within enterprises with proper administration, management, validation and oversight

• Security baselines and guidance are integrated into business awareness and requirements

• Compliance models for hybrid multi-tenant and multi-cloud provider environments;

• Data protected at rest and in transit as a standard

• Support consistent Cloud IAM strategy, implementation and remediation oversight

• Incident Response Rapid identification of incidents and recovering from Cloud breaches

• Serve as a key contact for setting strategy including Cloud security vendors and Vendor Management Cloud requires a shared responsibility model

• Accountable for measuring adherence, risks and growing effective partnerships with peer teams and stakeholders to drive secure design, implementation and orchestration of complex, multi-product security solutions for enterprise cloud systems.

• Participate in architecture and security control reviews, and cloud committees as part of the program lifecycle. Document and communicate where automatic provisioning of native cloud services, business application systems and adherence monitoring are and are not governed and controlled by security automation, standards, roles and policies

Primary duties may include, but are not limited to:

• Help accelerate shift to Cybersecurity ‘Prevention and Detection’ in the support of architecture designs and planning for information and network security technologies

• Provides technical guidance and support to business and technology associates in risk assessments and implementation of appropriate information security procedures, standards and technologies

• Maintains security mitigation and remediation plans; represents major upgrades and business system replacements in change control

• Oversees Enterprise mix of vendor services

• Recommends changes and updates to cloud security protections and governance strategy based on NIST, regulatory and evolving threats drivers

• Designs & engineer prescriptive templates, repeatable technical solutions based on business requirements and defined technology standards; develops support procedures and performance metrics reports

• Creates presentations and socialize with IT and business management for approval or acceptance of significant replacements or changes in major security technologies serving the Enterprise

• Provides technical security guidance and leadership to technologists within the organization

• Proposes opportunities to improve security outcomes and reduce risks based on targeted or continuous assessments

• Routinely acts as a subject matter expert among peers, managers and senior management.

• Develop reports supporting adherence to prescribed standards, security absolutes and risk-based measures for Cloud Security Governance.

Qualifications

Requires BS/BA in related field; or any combination of education and experience, which would provide an equivalent background

• 8+ years experience in systems administration and security aspects of enterprise information systems, networking, telecommunications, systems development and management lifecycle; significant experience with multiple technical and business disciplines required; requires broad-based experience to plan and design highly complex systems; or any combination of education and experience, which would provide an equivalent background

• Demonstrated experience or substantial knowledge in supporting competencies in cloud security standards and controls

• Requires either: Demonstrate high degree of technical security tooling in commercial cloud environments OR Diverse experience within Platform security and applications experience to enable native cloud solutions

• Technical expertise to understand multiple cloud platforms (AWS, GCP, Azure)

• Technical and conceptual knowledge of configurations in cloud platforms and expertise of AWS security stack e.g. Cloud trail, Cloud watch, Guard Duty, Advanced Shield, IAM policies

Preferred experience, knowledge or certifications:

• Minimum 2 years of experience supporting any cloud environment with multifactor authentication, CASB and Container Security technologies

• Strong working knowledge and technical support experience in application development lifecycle, DevOps CI, DevOps CD or DevOps/CICD

• Experience and working knowledge of application security testing, specifically SCA, SAST, DAST and Manual Penetration Testing

• Technical security training and experience in any of the following cloud provider services – AWS, MS AZURE, GOOGLE CLOUD

• Security Certifications: CISSP preferred, CCSP and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications); any level of training on Amazon Web Services (AWS), Cloud Security Alliance (CSA) Controls Matrix and CIS benchmarks

• Demonstrate knowledge of security best practices, policies and standards to design highly secure public and private cloud architectures that support application services in-scope of HIPAA, PII and PCI regulations

• Consultative presentations and guidance engagements with technology teams, business application owners and technology partners

• Agile or SAFe Agile team experience for complex deliverables in matrixed environments

Anthem, Inc. is ranked as one of America’s Most Admired Companies among health insurers by Fortune magazine, and is a 2018 DiversityInc magazine Top 50 Company for Diversity. To learn more about our company please visit us at antheminc.com/careers.

AnEqualOpportunityEmployer/Disability/Veteran

REQNUMBER: PS42376