Principal Information Security Architect

Job Description

IT is different here. Our work as technology specialists pushes the boundaries of what’s possible in health care. You will build solutions that make a real difference in people’s lives. Driven by the importance of their work, our team members innovate to elevate. We’re encouraged to be curious, collaborate, and turn ideas into solutions that can make health care better for all.

The (CIAM) Information Security Architect is responsible for work with key business partners, developers, vendors, and security engineers to help craft the future of our Consumer Identity and Access Management (CIAM) Program. This position will focus on the solution design for the Customer Identity and Access Management (CIAM) platform and guide the team on its implementation. The (CIAM) Information Security Architect should be comfortable and knowledgeable regarding the challenges of B2B, B2C, and other IAM ecosystems, an expert at managing, configuring, and developing CIAM platforms.

If you are ready to make a career out of making a difference, then you are the person for this team.

What You Will Do

• Influence, consult with and build collaborative working relationships with senior business and IT leadership at the VP/Officer and C levels to help meet long term security objectives.
• Conduct risk assessments, evaluate alternative strategies, develop recommendations and ensure responsive communication with business representatives, security management, and third party vendors.
• Participate in the design review process and support the overall Security Architecture process.
• Plan, implement, and manage IAM/CIAM and associated products to meet user and company needs. The (CIAM) Information Security Architect will work closely with other cross functional teams to scope and help mature the Consumer Identity and Access Management program services for our Partner and Customer Experience.
• Utilize security expertise and knowledge of new and emerging cyber-attacks threats to make recommendations to management regarding implementation of best practices and/or process improvements to proactively protect the company’s systems and networks.
• Perform analysis of requirements and for the definition of detailed solution design, implementation, and delivery of IAM/CIAM solutions
• Provide technical expertise to complex relevant problems
• Develop, maintain and implement security policies, processes, tools and methodologies that support security architecture standards and ensure effective evolution of security architecture within the organization.

What You Bring

• Bachelor’s degree and 7 years of broad based information security experience, with expertise in the following areas: security engineering, security operations/ administration, incident response, audit, controls and risk management.
• Experience with architecture processes, strategies and standards is required. 
• IT consulting and executive advisory experience with demonstrated skills in translating business requirements to technical solutions is necessary.
• If no degree, 8 years of experience as stated above.
• Functional understanding of IAM processes and systems related to Identity Governance and Administration (IGA), Identity and Access Management (IAM) and Privileged Access Management (PAM).
• Prior experience supporting Multi-Factor Authentication (MFA) protocols and systems.
• Strong/expert level understanding of authentication mechanisms and protocols including OIDC/OAuth and SAML, and key related security concepts such as MFA, and how these are used with IdPs
• Experience coordinating vendor solution delivery and partnering effectively with vendors to meet business needs.
• At least one security industry certification (i.e., CISSP, CISA, CISM, SANS).

Hiring Preferences

• An understanding of core security concerns within a typical application (Password hashing, SSL/TLS, encryption at rest, XSS, XSRF)
• Familiarity with data privacy concepts, fraud detection and integration technologies
• Experience in configuration, implementation, and development of web services, SAML, integration of REST and OAUTH API with various applications and services.
• An understanding of core security concerns within a typical application (Password hashing, SSL/TLS, encryption at rest, XSS, XSRF)
• Exceptional consulting skillset with ability to provide appropriate direction to other IT groups and executives on security matters.
• Demonstrated initiative to learn new technologies.
• Exceptional analytical and problem-solving skills.
• Proven ability to present and discuss highly complex technical information to users with varying technical expertise.
• Must be detail-oriented with a focus on accuracy.
• Excellent written and verbal communication skills, including excellent presentation skills.
• Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.
• Superior customer focus and the ability to manage customer expectations.

Salary Range

At Blue Cross NC, we take great pride in a fair and equitable compensation package that reflects market-price and our starting salaries are typically planned near the middle of the range listed. Compensation decisions are driven by factors including experience and training, specialized skill sets,  licensure and certifications and other business and organizational needs. Our base salary is part of a robust Total Rewards package that includes an Annual Incentive Bonus*, 401(k) with employer match, Paid Time Off (PTO), and competitive health benefits and wellness programs. 

*Based on annual corporate goal achievement and individual performance.
 

$105,600.00 - $191,800.00