[Hiring] Information Security Specialist @Capital Blue Cross

Role Description

The Information Security Specialist will be responsible for protecting systems, network, and data from cyber threats. Responsibilities include:

• Monitor and analyze security events using SIEM tools to detect and respond to threats in real-time.
• Investigate security incidents, perform root cause analysis, and document findings for remediation and reporting.
• Manage the full vulnerability lifecycle across enterprise systems, including identifying security weaknesses, assessing and prioritizing risk, coordinating remediation efforts, and validating that issues are resolved.
• Work closely with IT and business teams to ensure vulnerabilities are addressed in a timely manner based on risk, impact, and relevant threat intelligence.
• Analyze logs from endpoints, servers, network devices, and cloud platforms to identify suspicious activity.
• Support incident response activities including containment, eradication, and recovery.
• Manage vendor security assessment reviews to enable informed decision-making related to third party engagements.
• Participate in threat hunting activities to proactively identify hidden threats in the environment.
• Perform other functions as assigned by Information Security management.

Qualifications

• Results oriented, with demonstrated problem-solving and decision-making skills.
• Ability to effectively listen and communicate in order to present technical concepts to audiences of all levels both verbally and in writing.
• Ability to prioritize and complete assignments independently in a rapidly changing and dynamic work environment along with good organizational skills.

Requirements

• 3-5 years of experience in information security, cybersecurity, or a related IT role.
• Hands-on experience monitoring and responding to security events using a SIEM platform such as Splunk or similar.
• Experience with incident response, including investigation, containment, and recovery.
• Proven experience with vulnerability management tools such as Tenable, or Nessus.
• Experience analyzing logs from endpoints, servers, network devices and cloud services.
• Familiarity with endpoint detection and response (EDR) tools and network security technologies (firewalls, IDS/IPS).

Education and Certifications

• A Bachelor’s degree in Computer Science, Business Administration or related field; or a minimum of five years of practical related experience; or an equivalent combination of experience and education.
• Preferred security certifications including, CISSP, CISM, CRISC or equivalent.

Physical Demands

• While performing the duties of the job, the employee is frequently required to sit, use hands and fingers, talk, hear, and see.
• The employee must be able to work over 40 hours per week.
• The employee must occasionally lift and/or move up to 5 pounds.

Benefits

• Comprehensive benefits package including Medical, Dental & Vision coverage.
• Retirement Plan.
• Generous time off including Paid Time Off, Holidays, and Volunteer time off.
• An Incentive Plan.
• Tuition Reimbursement.